Managing Multiple SSH Keys
Hopefully, you aren't using a single SSH key to authenticate to absolutely everything. You should be using multiple SSH keys to provide levels of isolation. You may be tempted to use just a single key because it can be quite cumbersome to remember which key you need for which host, and to type in the path every time. For example:
ssh -i /path/to/private/key myUser@my.domain.org
Wouldn't it be great if your computer would just automatically use the correct key depending on which host you were trying to connect to? Thus you would just need to run:
ssh myUser@my.domain.org
Here, I will show you how to do just that.
Steps
Run the following commands to ensure you have the relevant file with the correct permissions (it won't be used if the permissions or ownership are wrong!).
mkdir -p "$HOME/.ssh"
touch "$HOME/.ssh/config"
# The file must be owned by you and must not be writable by anyone else
sudo chown "$USER:$USER" "$HOME/.ssh/config"
chmod 600 "$HOME/.ssh/config"
Populate it with entries similar to:
Host git.mydomain.org
    HostName git.mydomain.org
    User user1
    Port 22
    IdentityFile /path/to/private-key

Host git.mySecondDomain.org
    HostName git.mySecondDomain.org
    User user2
    Port 22
    IdentityFile /path/to/private-key2
You don't have to use the same name in the Host and HostName fields. You can set an alias instead. For example, if you had the following lines in your config file:
Host git-server
    HostName git.mySecondDomain.org
    User user2
    Port 22
    IdentityFile /path/to/private-key2
...then you could connect to the server just by running:
ssh git-server
Multiple Config Files
If you get to a point where your config is absolutely massive with lots of entries, you may wish to break things up across multiple files.
I changed my .ssh/config file to just contain the following:
Include config.d/*

Host *
    IdentitiesOnly=yes
...before creating a config.d directory:
mkdir -p $HOME/.ssh/config.d
... and placing all my host configurations in there. E.g.
- $HOME/.ssh/config.d/personal.conf
- $HOME/.ssh/config.d/work.conf
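To check the permissions mentioned under Steps across a split layout like this one, the following script is an added example and not part of the original post. It flags config files that are writable by group or other and private keys that are accessible by group or other; the function names and the sample tree it builds are constructed for illustration, and it only understands space-separated IdentityFile lines with no spaces in the path.

```sh
#!/bin/sh
# Added example: audit permissions of an SSH client config tree and its keys.
# Assumes "IdentityFile <path>" syntax (space separated, no spaces in paths).

# Group/other permission bits of a path, e.g. "r--r--" for mode 644.
go_bits() { ls -ld "$1" | cut -c5-10; }

# List the main config file plus everything under config.d/.
ssh_config_files() {
    [ -f "$1/config" ] && printf '%s\n' "$1/config"
    [ -d "$1/config.d" ] && find "$1/config.d" -type f | sort
    return 0
}

# List the key paths named by IdentityFile lines, expanding a leading ~/.
ssh_identity_files() {
    ssh_config_files "$1" | while IFS= read -r f; do
        awk 'tolower($1) == "identityfile" { print $2 }' "$f"
    done | sed "s|^~/|$HOME/|" | sort -u
}

# Print one finding per line; prints nothing when the tree is clean.
audit_ssh_dir() {
    ssh_config_files "$1" | while IFS= read -r f; do
        case $(go_bits "$f") in
            ?w????|????w?) echo "config writable by group/other: $f" ;;
        esac
    done
    ssh_identity_files "$1" | while IFS= read -r k; do
        if [ ! -f "$k" ]; then
            echo "key not found: $k"
        elif [ "$(go_bits "$k")" != "------" ]; then
            echo "key accessible by group/other: $k"
        fi
    done
}

# Constructed sample tree: one good config, one loose include, one loose key.
make_demo_dir() {
    d=$(mktemp -d) && mkdir "$d/config.d" "$d/keys" || return 1
    printf 'Include config.d/*\nHost *\n    IdentitiesOnly=yes\n' > "$d/config"
    printf 'Host git-server\n    IdentityFile %s/keys/key1\n' "$d" > "$d/config.d/personal.conf"
    printf 'Host work\n    IdentityFile %s/keys/key2\n' "$d" > "$d/config.d/work.conf"
    : > "$d/keys/key1"; : > "$d/keys/key2"
    chmod 600 "$d/config" "$d/config.d/personal.conf" "$d/keys/key1"
    chmod 664 "$d/config.d/work.conf"; chmod 644 "$d/keys/key2"
    echo "$d"
}

demo=$(make_demo_dir) && audit_ssh_dir "$demo" && rm -rf "$demo"
```

To audit a real setup, call audit_ssh_dir "$HOME/.ssh" instead of the demo line; file ownership is not checked by this script.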
First published: 16th August 2018