@luciopaiva
Created May 22, 2018 22:38
ssh config key selection issues

Example .ssh/config file:

# several rules that depend on the wildcard rule at the bottom

Host foo.com
    HostName foo.com
    User foo
    IdentityFile /path/to/id-1

Host *
    User bar
    IdentityFile /path/to/id-2
    IdentitiesOnly yes

Then if you try:

ssh -Tv git@foo.com

It will try id-2 because of the way IdentityFile works. As in the docs:

IdentityFile
     [...]

     It is possible to have multiple identity files specified in
     configuration files; all these identities will be tried in sequence.
     Multiple IdentityFile directives will add to the list of identities
     tried (this behaviour differs from that of other configuration
     directives).

Although it doesn't specify which order it follows when deciding which key to use, it always tried my wildcard rule key first, even if I moved it to before my foo.com rule. The solution was to explicitly exclude foo.com from the wildcard rule, like this:

Host * !foo.com
    User bar
    IdentityFile /path/to/id-2
    IdentitiesOnly yes
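
The accumulation quoted from the docs and the effect of the `!foo.com` exclusion, as an added example that is not part of the original gist: a simplified Python model of how ssh_config options resolve for a host. The names `resolve` and `host_matches` are hypothetical, the sample config is constructed from the one above with the option spelled `IdentitiesOnly`, and the model covers only `Host` blocks and which keys end up in the candidate list, not the order ssh offers them.

```python
import fnmatch

# Constructed sample: the gist's config, with the option spelled IdentitiesOnly.
BEFORE = """\
Host foo.com
    HostName foo.com
    User foo
    IdentityFile /path/to/id-1

Host *
    User bar
    IdentityFile /path/to/id-2
    IdentitiesOnly yes
"""
AFTER = BEFORE.replace("Host *", "Host * !foo.com")  # the gist's fix

ACCUMULATING = {"identityfile"}  # appended on every match; other keywords keep the first value

def host_matches(patterns, host):
    """A matching negated pattern vetoes the block; otherwise any positive match selects it."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched

def resolve(config_text, host):
    """Effective options for host (simplified model: Host blocks only, no Match/Include)."""
    effective, active = {}, True  # lines before the first Host apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        keyword, value = keyword.lower(), value.strip()
        if keyword == "host":
            active = host_matches(value.split(), host)
        elif active and keyword in ACCUMULATING:
            effective.setdefault(keyword, []).append(value)
        elif active:
            effective.setdefault(keyword, value)
    return effective

if __name__ == "__main__":
    # After the fix, foo.com no longer inherits id-2 or IdentitiesOnly from the wildcard block.
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, resolve(cfg, "foo.com"))
```

On a real system, `ssh -G foo.com` prints the options ssh actually resolved for that host, including every `identityfile` line.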