0

I have this config in ~/.ssh/config:

Host *.myhost.com
 User awwuser
 IdentityFile my-keys/myhost/id_dsa

The thing is, I have 2 different private keys for different hosts, and I also have 2 different users for those hosts, so I don't want to write them down each time through ssh options. As I found out, I can create a config file, which will automatically set the username and private key to use.

As I understand from the documentation, I did everything correctly.

But this config doesn't seem to work at all. When I do ssh subdomain.myhost.com, it tries to connect using the current user name, not the one specified in the config. When I specify the username through ssh options, it doesn't see the correct identity file. So my config doesn't seem to be working at all.

Please advise.

P.S. I'm using OpenSSH 6.0

dhblah
  • I can not reproduce that. Though I am not using a SSH keyfile. I have set it up just like you and it works fine with the username. Maybe the path to the keyfile is wrong? – Christopher Perrin Jun 20 '12 at 17:11
  • @cperrin88 if there was a wrong path to the keyfile, at least username will be substituted, but it's not. – dhblah Jun 20 '12 at 17:22
  • Btw, thank you. Problem advanced. I was mistaken in the domain of the hostname. Also, when I specified the full path to the identity file, it started working. – dhblah Jun 20 '12 at 17:29

2 Answers

1

First you might keep in mind that your SSH configuration options are read in from top to bottom.

Depending on your setup you may also have a global section in your configuration setting defaults. Somewhat like this.

Host *
    ForwardAgent yes
    ForwardX11 yes
    ForwardX11Trusted yes
    Protocol 2
    AddressFamily inet
    SendEnv LANG LC_*
    HashKnownHosts no
    GSSAPIAuthentication no

If that section is before your section, then the settings from the * section will be used. Generally you want to order your SSH configuration file from the most specific settings to the least specific.

So something like this.

  host fully.qualified.tld
   ...
  host *.example.com
   ...
  host *

You must also keep in mind that the name matching matches the exact name that you type on the command line. It does not take into account DNS searching that you might get because you have myhost.com in your search path.

So if you run the command ssh foo, and you happen to have DNS set up where it resolves foo to foo.example.com, the SSH client would not use any settings from host foo.example.com. You can make your life easier by also adding multiple aliases in your config file, like this: host foo.example.com foo.example foo.

Since you mentioned you have multiple keys, keep in mind that you might be a lot better off just starting an SSH agent on your client and adding all your keys. Then just let SSH negotiate which key to use automatically. You can also have multiple IdentityFile options in a host * section. SSH will just try all of them one at a time.

Zoredache
  • Thanks for your answer, it's really informative. Although I've already found the problem, it was a wrong domain in Host name and my IdentityFile path wasn't absolute. After I set a correct Host name and full path, everything started working. – dhblah Jun 20 '12 at 19:14
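
The matching rules described in the answer above (the first value obtained for an option wins, and Host patterns are compared with the name exactly as typed), modelled in a small Python resolver. This is an added example, not code from the original posts or from OpenSSH; it is a simplified model (Host lines only, no Match or Include), and the host names, users and key paths in the sample config are constructed.

```python
import re

# Constructed sample config, ordered from most specific to least specific.
SAMPLE_CONFIG = """\
Host foo.example.com foo
    User deploy
    IdentityFile /home/me/keys/foo/id_rsa

Host *.example.com
    User awwuser
    IdentityFile /home/me/keys/example/id_rsa

Host *
    User fallback
    ForwardAgent no
"""

def _matches(pattern, name):
    """ssh_config wildcard match: '*' is any run of characters, '?' exactly one."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, name) is not None

def host_block_applies(patterns, name):
    """A Host line applies if a pattern matches and no '!'-negated pattern does."""
    negated = [p[1:] for p in patterns if p.startswith("!")]
    positive = [p for p in patterns if not p.startswith("!")]
    if any(_matches(p, name) for p in negated):
        return False
    return any(_matches(p, name) for p in positive)

def effective_options(config_text, typed_name):
    """Resolve options for the name exactly as typed on the command line."""
    options, active = {}, True  # lines before the first Host apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        keyword, value = keyword.lower(), value.strip()
        if keyword == "host":
            active = host_block_applies(value.split(), typed_name)
        elif active and keyword == "identityfile":
            options.setdefault(keyword, []).append(value)  # identities accumulate
        elif active:
            options.setdefault(keyword, value)  # first value obtained wins
    return options
```

Resolving the short name `sub` falls through to the `Host *` block even if DNS would expand it to `sub.example.com`, and moving `Host *` to the top makes its `User` win for every host.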
0

Thanks all for your attention. I found the problem, it was a wrong domain in Host name and my IdentityFile path wasn't absolute. After I set a correct Host name and full path, everything started working.

dhblah