From owner-freebsd-questions@FreeBSD.ORG Wed Nov 11 15:40:45 2009 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D03701065672 for ; Wed, 11 Nov 2009 15:40:45 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from dd12710.kasserver.com (dd12710.kasserver.com [85.13.134.233]) by mx1.freebsd.org (Postfix) with ESMTP id 8EF178FC16 for ; Wed, 11 Nov 2009 15:40:45 +0000 (UTC) Received: from current.Sisis.de (cazador.sisis.de [193.31.11.193]) by dd12710.kasserver.com (Postfix) with ESMTP id 7D8C9185BB0E9; Wed, 11 Nov 2009 16:20:47 +0100 (CET) Received: (from guru@localhost) by current.Sisis.de (8.14.3/8.14.3/Submit) id nABFKl8w004752; Wed, 11 Nov 2009 16:20:47 +0100 (CET) (envelope-from guru@unixarea.de) X-Authentication-Warning: current.Sisis.de: guru set sender to guru@unixarea.de using -f Date: Wed, 11 Nov 2009 16:20:47 +0100 From: Matthias Apitz To: Vincent Hoffman Message-ID: <20091111152047.GA4729@current.Sisis.de> References: <4AFAD3B8.1000609@unsane.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <4AFAD3B8.1000609@unsane.co.uk> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 8.0-CURRENT (i386) Cc: questions@freebsd.org Subject: Re: ssh-agent and ordering of keys X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Matthias Apitz List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Nov 2009 15:40:45 -0000 El día Wednesday, November 11, 2009 a las 03:09:44PM +0000, Vincent Hoffman escribió: > Hi all, > I've a bit of an annoying problem that hopefully someone > here has delt with before. I have a large(ish) number of ssh keys as i > like to keep things nicely seperated, I also use longish passphrases. To > deal with long pass phrases I have started to use ssh-agent, which is > working nicely but since i have a large number of keys and ssh-agent > doesnt let you specify a particular key for a particular machine (I was > using host and IdentiyFile lines in ~/.ssh/config before) I'm starting > to hit a problem where I'm unable to log in to a machine as I'm hitting > the MaxAuthTries value in sshd_config. I know i could just bung the > MaxAuthTries value up to 20 or so on all my servers but I dont really > want to, I'd rather a way of specifying which ssh key ssh-agent uses for > a specific host, (like i said it ignores the IdentiyFile lines in the > config file and ignores the -i switch to ssh itself.) Any ideas welcome. I have never used this, but you could start different ssh-agent(1) and loading the key(s) you want to use to one or the other and let ssh(1) ask the dedicated ssh-agent(1) for a given host by some shell wrapping (i.e. mapping the -i filename to the correct ssh-agent(1) socket); HIH matthias -- Matthias Apitz t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e - w http://www.unixarea.de/ Vote NO to EU The Lisbon Treaty: http://www.no-means-no.eu