I have a situation where I need to access the same SSH host (GitHub) with two different SSH keys. This is no problem and I can set it up easily by aliasing the hostname. The problem comes when this configuration is combined with my SSH multiplexing configuration. I cannot seem to override my default ControlPath with a host-specific declaration.
Maybe this is just the way it works? Maybe it is a bug? Am I doing something wrong?
I'm on Mac 10.7 by the way.
Here is my config:
Host *
ControlMaster auto
ControlPath ~/.ssh/connections/ssh-%r@%h:%p
Host github.com-X
TCPKeepAlive yes
ServerAliveInterval 60
ControlPersist 1h
Hostname github.com
User git
IdentityFile ~/.ssh/id_rsa_X
IdentitiesOnly yes
ControlPath ~/.ssh/connections/ssh-%r@%h-X:%p
Host github.com
TCPKeepAlive yes
ServerAliveInterval 60
ControlPersist 1h
I have tinkered around a little bit, but it seems that I always get the ControlPath as specified in the Host * declaration.
ssh -T git@github.com-X
Logs me in as the correct user using id_rsa_X, but it creates the domain socket here:
~/.ssh/connections/ssh-git@github.com:22
Rather than:
~/.ssh/connections/ssh-git@github.com-X:22
So later when I try to issue an SSH command using id_rsa, I get the id_rsa_X user because of connection multiplexing. In other words:
ssh -T git@github.com
Gives me a hello message for the user whose key is id_rsa_X.
Any ideas?
EDIT: Response to comment by vgoff–No, it appears to be reading all my config…
$ ssh -vT git@github.com-X
OpenSSH_5.6p1, OpenSSL 0.9.8y 5 Feb 2013
debug1: Reading configuration data /Users/<username>/.ssh/config
debug1: Applying options for *
debug1: Applying options for github.com-X
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: auto-mux: Trying existing master
debug1: Control socket "/Users/<username>/.ssh/connections/ssh-git@github.com:22" does not exist
<snip>
You can see that it read all the settings and tries to use the wrong ControlPath.
Best Answer
You need to move the less specific options further down in
~/.ssh/config
. TheHost *
options are applied first and they are not overwritten by later, clashing, options, even if they are more specific. New options that were not specified inHost *
will however be applied and I think that is what you saw in your log.Source: http://linux.die.net/man/5/ssh_config