home: services: openssh: identity-file could be a list of strings.

Open

Details

2 participants

Oleg Pykhalov
Ludovic Courtès

Owner: unassigned

Submitted by: Oleg Pykhalov

Severity: normal

O

O

Oleg Pykhalov wrote on 19 Jun 2022 09:39

Recipients:(name . bug-guix)(address . bug-guix@gnu.org)

Message-ID:87o7ypdruu.fsf@gmail.com

Currently ‘identity-file’ in ‘openssh-host’ record is a ‘maybe-string’,

but it could be a list, which generates a config like:

Host example.org

…

IdentityFile ~/.ssh/id_rsa_1

IdentityFile ~/.ssh/id_rsa_2

IdentityFile ~/.ssh/id_rsa_3

SSH_CONFIG(5) man page:

IdentityFile

…

It is possible to have multiple identity files specified in con‐

figuration files; all these identities will be tried in sequence.

Multiple IdentityFile directives will add to the list of identi‐

ties tried (this behaviour differs from that of other configura‐

tion directives).

Personally I use more than one ‘IdentityFile’ as a workaround to define

a big ‘ssh_config’. SSH connects with a first successed ‘IdentityFile’.

Oleg.

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAmKu0rkUHGdvLndpZ3Vz
dEBnbWFpbC5jb20ACgkQFn+OpQAa+pwGUw/+PpwPkKfrvrlL72IeQGJ7wBtn/njv
Xt4+d/rXQ4SKa4stoJVLXnfM4a4u71V5K7b44IpyTeEzLqi2h9qOKlsA1Kv+fPMQ
lPEELtIGqnuNnut0yqTcZzVmyMACCnA032831qEoJ5H8JV8uJT/ktCpDxswLz6j6
mFGt9K6otxYhSOWvnEuUKo9L+1pMcfu9e+t8NZjFDKV2wuPs9fjA5y6T+aBE+Cxd
XfReGLLy44KlksvTNLuGpKxLA1O7y1SPeCqqRWqVrjLZfR0jH8/ril1yFgDp12bC
zOZ2zeiBkvaMVYgcP6N8yDB6n1noyb198TZpika2o3hGgSqAZhomay733sA0lmBz
kv60IZp+CpEY6bAC+C0dF2iqidIuOBw6bec0M9y8fVfos6dJXd86SsmerUh0w11L
lmX3LmlYuiqVOdc/czlvj8bvgEYf4fDYlW3iHOQQgfmSEX89O+cIF53GF0/aKl+0
jaGjn+YA74Vz+nKqYGeHcaR4s/ZD3/8mZ0L2nUFCtvyV9tVowibmL01zy82nKzr+
UCwi94Q7czA76qmg7DYsqxNvUvXaz8xLcsRrMPmSpjNMUIBkZs0jBDWoZHelcWnF
twkr4aQZznQwYXIKWuMqsvpVi0cJZPH/a4VW1sbLBFDxdw4mw/3Ba24XDPNXsAJm
yol+JmbCoOPDmU0=
=aT6g
-----END PGP SIGNATURE-----

L

L

Ludovic Courtès wrote on 3 Jul 2022 22:52

Recipients:(name . Oleg Pykhalov)(address . go.wigust@gmail.com)(address . 56082@debbugs.gnu.org)

Message-ID:87a69pzzo4.fsf@gnu.org

Hi,

Oleg Pykhalov <go.wigust@gmail.com> skribis:

Toggle quote (9 lines)

> Currently ‘identity-file’ in ‘openssh-host’ record is a ‘maybe-string’,

> but it could be a list, which generates a config like:

>

> Host example.org

> …

> IdentityFile ~/.ssh/id_rsa_1

> IdentityFile ~/.ssh/id_rsa_2

> IdentityFile ~/.ssh/id_rsa_3

I didn’t realize it was possible. Worth fixing!

Thanks,

Ludo’.

?

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 56082@debbugs.gnu.org