Date: Wed, 11 Nov 2009 16:20:47 +0100 From: Matthias Apitz <guru@unixarea.de> To: Vincent Hoffman <vince@unsane.co.uk> Cc: questions@freebsd.org Subject: Re: ssh-agent and ordering of keys Message-ID: <20091111152047.GA4729@current.Sisis.de> In-Reply-To: <4AFAD3B8.1000609@unsane.co.uk> References: <4AFAD3B8.1000609@unsane.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
El día Wednesday, November 11, 2009 a las 03:09:44PM +0000, Vincent Hoffman escribió: > Hi all, > I've a bit of an annoying problem that hopefully someone > here has delt with before. I have a large(ish) number of ssh keys as i > like to keep things nicely seperated, I also use longish passphrases. To > deal with long pass phrases I have started to use ssh-agent, which is > working nicely but since i have a large number of keys and ssh-agent > doesnt let you specify a particular key for a particular machine (I was > using host and IdentiyFile lines in ~/.ssh/config before) I'm starting > to hit a problem where I'm unable to log in to a machine as I'm hitting > the MaxAuthTries value in sshd_config. I know i could just bung the > MaxAuthTries value up to 20 or so on all my servers but I dont really > want to, I'd rather a way of specifying which ssh key ssh-agent uses for > a specific host, (like i said it ignores the IdentiyFile lines in the > config file and ignores the -i switch to ssh itself.) Any ideas welcome. I have never used this, but you could start different ssh-agent(1) and loading the key(s) you want to use to one or the other and let ssh(1) ask the dedicated ssh-agent(1) for a given host by some shell wrapping (i.e. mapping the -i filename to the correct ssh-agent(1) socket); HIH matthias -- Matthias Apitz t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e <guru@unixarea.de> - w http://www.unixarea.de/ Vote NO to EU The Lisbon Treaty: http://www.no-means-no.eu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091111152047.GA4729>