1

I'm trying to configure my SSH config file to try several different keys and users for a domain. I was using a function in my dotfiles to do this originally but it's unwieldy, slow, and ugly.

My company has multiple servers with different private keys and users for SSH login. There are a plethora of hostnames, but the domain is always the same.

I could look up in our master record what key/username pair I need, but that's no fun.

This is part of my SSH config file:

 Host *.companydomain.net
     User ubuntu
     PreferredAuthentications publickey
     IdentityFile ~/.ssh/key_a.pem

 Host *.companydomain.net
     User ubuntu
     PreferredAuthentications publickey
     IdentityFile ~/.ssh/key_b

 Host *.companydomain.net
     User anotheruser
     PreferredAuthentications publickey
     IdentityFile ~/.ssh/key_c

So right now it seems like the first entry (using key_a.pem) is tried, then it fails and doesn't fall through. Ideally, I'd like this to fall through and try each of the three combinations until a log in succeeds.

I am running macOS running OpenSSH_7.6p1.

Thanks!

Improve this question
1
  • 1
    Pretty sure those aren’t regular expressions Commented Jan 25, 2018 at 23:06

1 Answer 1

Reset to default
0

The manual says you can use multiple IdentityFile directives, and all listed files will be used, so the first two entries could be combined to

Host *.companydomain.net
    User ubuntu
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/key_a.pem
    IdentityFile ~/.ssh/key_b

But I don't think you can try multiple user names with one ssh invocation (or one SSH connection), so for that you might need to script it anyway.

If you put the third IdentityFile along with the others, the script doesn't need to be very long, I think something like this should do:

#!/bin/sh
for user in ubuntu anotheruser; do
    ssh -l "$user" "$@" && break;
done

(Take the User directive off from the configuration file in this case.)

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.