https://bugzilla.mindrot.org/show_bug.cgi?id=1898
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> 2011-05-05 16:26:41 EST --- I think you are misunderstanding how the configuration is applied by Host directives. Overrides are *per-configuration item* In your first case you are not specifying an IdentityFile in your login.example.org block, so it is unset when the also-matching *.example.org block is applied. To do what you want, you should specify your normal IdentityFiles in the login.example.org block Host login.example.org User loginUser ProxyCommand none IdentityFile ~/.ssh/id_rsa IdentityFile ~/.ssh/id_dsa IdentityFile ~/.ssh/id_ecdsa Host *.example.org User root IdentityFile ~/.ssh/internal_example_org_key.id_rsa ProxyCommand ssh login.example.org nc %h %p The rules for IdentityFile are a little different to most. IdentityFile adds to the list of keys, whereas most other directives are *first match wins*. This leads to the slightly undesirable effect of appending ~/.ssh/internal_example_org_key.id_rsa to the list of keys, even for login.example.org. We can't avoid that unless we support negated matching in Host blocks. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
