OpenSSH Key Storage

Markus Friedl markus at
Mon Feb 4 04:37:54 EST 2002

On Fri, Feb 01, 2002 at 11:30:14AM -0500, Michael T. Babcock wrote:
> Excuse me, but my server runs SSH on several ports and some of them are actually
> TCP redirects to internal servers.  That is why I care about this feature; how I
> get to those servers is not consistent, but their keys should all be stored in
> a way that if I repeat my actions, I'll get no key warnings.

this is exactly what HostKeyAlias is for, just keep
ssh_config uptodate.

having users remember to use proxy port 1000 for the
internal server a and proxy port 2000 for server b is
hard. setting up ssh_config is simpler:

	Host A
		Hostname proxy
		Port	1000
		HostKeyAlias A
	Host B
		Hostname proxy
		Port	2000
		HostKeyAlias B

so the users can use
	$ ssh A
	$ ssh B
without any problems.

even with your suggested change, the users
still have to type
	$ ssh -p 1000 proxy

More information about the openssh-unix-dev mailing list