user@host configuration in ~/.ssh/config - SSH

This is a discussion on user@host configuration in ~/.ssh/config - SSH ; Hi. I have a setup of several users and hosts, all of which have their own key/public key set up for passwordless login. On several hosts I have multiple users. What I was wondering was if I could set up ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: user@host configuration in ~/.ssh/config

  1. user@host configuration in ~/.ssh/config

    Hi.

    I have a setup of several users and hosts, all of which have their own
    key/public key set up for passwordless login.
    On several hosts I have multiple users.

    What I was wondering was if I could set up the ~/.ssh/config file to use
    the correct id_dsa_ file for each user, instead of having to
    have a large list for each host?


    Something like (which I know doesn't work):

    Host user@host
    IdentityFile ~/.ssh/id_dsa_user_host
    Host user2@host
    IdentityFile ~/.ssh/id_dsa_user2_host
    Host user3@host
    IdentityFile ~/.ssh/id_dsa_user3_host
    Host *
    IdentityFile ~/.ssh/id_dsa

    I am aware that I can use aliases for the host, and thus achieve what I
    want by having different aliases for different users (much the same as
    you can do with .netrc and ftp), but this requires that you have to edit
    in more than one file, and you need to have access to the /etc/hosts
    file.


    Can what I want be achieved, or are there other ways to achieve this?

    --
    Stein Arne

  2. Re: user@host configuration in ~/.ssh/config

    On 2006-01-17, Stein Arne Storslett wrote:
    > What I was wondering was if I could set up the ~/.ssh/config file to use
    > the correct id_dsa_ file for each user, instead of having to
    > have a large list for each host?
    >
    > Something like (which I know doesn't work):
    >
    > Host user@host
    > IdentityFile ~/.ssh/id_dsa_user_host
    > Host user2@host
    > IdentityFile ~/.ssh/id_dsa_user2_host
    > Host user3@host
    > IdentityFile ~/.ssh/id_dsa_user3_host
    > Host *
    > IdentityFile ~/.ssh/id_dsa


    It would be nice if the "%r" worked here ("IdentityFile ~/.ssh/id_dsa_%r_%h")
    but unfortunately it doesn't.

    > I am aware that I can use aliases for the host, and thus achieve what I
    > want by having different aliases for different users (much the same as
    > you can do with .netrc and ftp), but this requires that you have to edit
    > in more than one file, and you need to have access to the /etc/hosts
    > file.


    Why do you need to edit /etc/hosts for that? The following ought to work:

    Host host-user1
    Hostname host
    User host
    IdentityFile ~/.ssh/id_dsa_user1_host

    .... and so on.

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  3. Re: user@host configuration in ~/.ssh/config

    wrote in <43cceb2c$0$23536$5a62ac22@per-qv1-newsreader-01.iinet.net.au>:
    > On 2006-01-17, Stein Arne Storslett wrote:
    >
    >> I am aware that I can use aliases for the host, and thus achieve what I
    >> want by having different aliases for different users (much the same as
    >> you can do with .netrc and ftp), but this requires that you have to edit
    >> in more than one file, and you need to have access to the /etc/hosts
    >> file.

    >
    > Why do you need to edit /etc/hosts for that? The following ought to work:
    >
    > Host host-user1
    > Hostname host
    > User host
    > IdentityFile ~/.ssh/id_dsa_user1_host
    >
    > ... and so on.


    DAMN, i didn't know this!
    So when I do a "sftp user1-host" SSH actually does not do a DNS query
    until it has checked the config file?
    Well, it is something like that or other, because I just tried it, and
    it worked.

    I thought that the part of "Host " _had_ to be a real
    hostname.

    I see now from the man-page of ssh_config:

    HostName
    Specifies the real host name to log into. This can be used to
    specify nicknames or abbreviations for hosts. Default is the
    name given on the command line. Numeric IP addresses are also
    permitted (both on the command line and in HostName
    specifications).

    Thank you very much for clearing this up for me.


    Allthough I would really find a @ syntax in the Config file
    more intuitive.

    Maybe:

    Host
    UserOpts user1
    IdentityFile=...
    ForwardX11 no
    UserOpts user1
    IdentityFile=...
    ForwardX11 yes

    Oh well...

    --
    Stein Arne

+ Reply to Thread