Key Selection with agent
Iain Morgan
imorgan at nas.nasa.gov
Sat Oct 11 06:50:31 EST 2014
On Mon, Oct 06, 2014 at 11:50:21 +1100, Damien Miller wrote:
> On Sat, 4 Oct 2014, Patrick Marc Preuss wrote:
>
> > Hi All
> >
> > is it possible to select the presented key based on the hash?
>
> I don't know what hash you are talking about.
>
> > The Situation is following:
> >
> > Workstatation is running the Agent with some keys
> > Need to use a jump host to connect to other hosts.
>
> You can use something like the following in your ~/.ssh/config
>
> Host foo
> IdentitiesOnly yes
> IdentityFile ~/.ssh/id_foo.pub
>
> Host bar
> IdentitiesOnly yes
> IdentityFile ~/.ssh/id_bar.pub
>
> ssh will use the specified key from the agent, even if it offers others.
>
> Unfortunately there is no way to select/filter keys when an agent is
> forwarded yet. It would be a nice feature though.
>
> -d
If you place a copy of the public key on a remote system, and add
appropriate entries for IdentiesOnly and IdentityFile into the
~/.ssh/config on that system, you can control which key is used when
connecting to other systems.
What would be nice is if you could specify a key fingerprint with
IdentityFile rather than having to provide the actual public key. This
may have been what Patrick was referring to.
--
Iain Morgan
More information about the openssh-unix-dev
mailing list