How can I convince that id_dsa is not stored in ~/.ssh when connecting to one particular host.
The obvious question is why. The answer is this key is more sensitive and needs to be password protected while the other is used for automation.
While this is not a programming problem, I would not be surprised to learn this requires a programming solution.
To specify which private key should be used for connections to a particular remote host, use a text editor to create a ~/. ssh/config that includes the Host and IdentityFile keywords. Once you save the file, SSH will use the specified private key for future connections to that host.
So, No - you'll need a separate key for each account. Although you need multiple ssh key pairs for multiple accounts you can configure multiple ssh identities and use via aliases on your machine. You can also just use your username in place of "git" or "hg". Still need separate keys, though.
You can use the same key pair for two servers. You just copy over the public portion of your keyset to both machines and add it to the authorized_keys file. Show activity on this post. SSH server uses Public - Private key pair as an authentication mechanism.
Theres a handy trick you can use to make it really easy, oddly, I just discussed this 30 minutes ago with a friend.
~/.ssh/config
IdentityFile ~/.ssh/ident/%r@%h IdentityFile ~/.ssh/id_rsa IdentityFile ~/.ssh/id_dsa
This makes it really easy to use a fallback pattern, as the options are run through top to bottom.
Then to specify a specific key for "Bob@someHost" you just have to create the file
~/.ssh/ident/Bob@someHost
And it will try that first when logging into that host.
If the file cannot be found, or the key is rejected, it will try the next one, in this case,
~/.ssh/id_rsa
The benefit of this technique is you don't have to add a new entry every time you add another host, all you have to do is create the keyfile in the right place and it does the rest automatically.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With