- May 21, 2013
- 3,656
- 60
- 91
So, my situation is the following:
I am running Windows 10, but have a Debian WSL set up. For work, I need to connect to the same cluster (it goes through a jump host), using different accounts that fall into two groups. One is a general access account, the remaining are specialized.
The specialized accounts were set up with RSA keys (using a passphrase), and they have the default names id_rsa and id_rsa.pub. I have those configured just fine, thanks to the default name fallback.
The part that makes this stupid, is that I am perfectly fine typing my passphrase to connect to the specialized accounts on demand. The reasons for this are: I use the WSL terminal in VS Code and I don't want to be bothered entering my passphrase just so I can compile and debug code.
I was using the same key pair for my general access account, but decided I should have different keys. And because this was general access, I wanted a lazy login. So I created a new RSA key pair with no passphrase.
My initial config involved adding a scriptlet to .bashrc to add this new key to ssh-agent. That worked great. But now my specialized accounts won't fall back to the default key, and are instead asking for a password. Again, I don't want to pre-load the specialized account key because I don't want to bothered typing the passphrase if I bring up a terminal for "not going to ssh" reasons.
IdentitiesOnly yes (with proper IdentityFile for each host)in the global space of my .ssh/config only partially works. I get prompted for my specialized passphrases, but then it goes on to ask me for a password, so it doesn't completely work.
I know that from the terminal, I can just ssh -i KEYHOST_ALIAS, but that's tedious. This should not be so difficult.
And while I'm sure I've been butting my head due to my own lack of knowledge of the inner workings of openssh, they didn't have to make it so obtuse. I feel like what I want to do is not so crazy or weird.
I am running Windows 10, but have a Debian WSL set up. For work, I need to connect to the same cluster (it goes through a jump host), using different accounts that fall into two groups. One is a general access account, the remaining are specialized.
The specialized accounts were set up with RSA keys (using a passphrase), and they have the default names id_rsa and id_rsa.pub. I have those configured just fine, thanks to the default name fallback.
The part that makes this stupid, is that I am perfectly fine typing my passphrase to connect to the specialized accounts on demand. The reasons for this are: I use the WSL terminal in VS Code and I don't want to be bothered entering my passphrase just so I can compile and debug code.
I was using the same key pair for my general access account, but decided I should have different keys. And because this was general access, I wanted a lazy login. So I created a new RSA key pair with no passphrase.
My initial config involved adding a scriptlet to .bashrc to add this new key to ssh-agent. That worked great. But now my specialized accounts won't fall back to the default key, and are instead asking for a password. Again, I don't want to pre-load the specialized account key because I don't want to bothered typing the passphrase if I bring up a terminal for "not going to ssh" reasons.
IdentitiesOnly yes (with proper IdentityFile for each host)in the global space of my .ssh/config only partially works. I get prompted for my specialized passphrases, but then it goes on to ask me for a password, so it doesn't completely work.
I know that from the terminal, I can just ssh -i KEYHOST_ALIAS, but that's tedious. This should not be so difficult.
And while I'm sure I've been butting my head due to my own lack of knowledge of the inner workings of openssh, they didn't have to make it so obtuse. I feel like what I want to do is not so crazy or weird.
Facebook
Twitter