SSH Config and Aliases

I tend to make use of ~/.ssh/config and add each host I regularly connect with as an alias. This is useful so then I can just issue ssh host_alias rather than ssh

With OnlyKey I derive the SSH key with onlykey-agent and assume that when I issue onlykey-agent host_alias -c the agent replaces host_alias with but that isn’t quite the case. It does correctly pick up the user/hostname to connect but the key is derived against host_alias and so it obviously results in Permission denied (publickey).

Is there a way to pass host_alias to the agent but derive the key on from the ssh_config?

– bvs

1 Like

Would using an environment variable work?

Do you mean storing each of the in a $alias_name env variable?

EDIT: this describes the issue trezor-agent usage in SSH config · Issue #129 · romanz/trezor-agent · GitHub

– bvs

@t11 is this what you were referring to or something else? Can you expand?

Yes, is that an option? Or maybe using an identity file like described here trezor-agent/ at master · romanz/trezor-agent · GitHub

@t11 I only just got around to being able to test this.

I tried this;

But it looks as though in onlykey-agent it doesn’t behave the same. I add a pub key to the file but when I pass it to onlykey-agent, drop to a subshell, and run ssh-add -L it shows a different pub key. It looks like it’s actually using the filename (in this case .ssh/pub_keys) as though it’s an identity and generates a pub key because the key shown in the subshell ends with <ssh://.ssh/pub_keys|ed25519> rather than the actual identity from the file.

Is this a bug, or is the command slightly different?

– bvs