On 10/4/20 5:04 PM, Pablo Escobar wrote: > On Sun, Oct 4, 2020 at 1:37 PM Lars Noodén <lars.nooden@xxxxxxx> wrote: > >> One work-around [1] is to use an alias. >> >> alias assh="ssh-agent ssh -o AddKeysToAgent=confirm \ >> -o ForwardAgent=yes" >> >> That approach will still respect what's in ssh_config(5) except for the >> two options it overrides. >> > > Thanks for the suggestion. In a quick test the two drawbacks I found with > this approach are: > > 1) As I start a new agent I have to type the passwords for my private keys > again even if I already added them to my previously existing agent. When > using a bastion host with a different private key and the ssh option > "ProxyJump" or "ProxyCommand" this means typing two passwords. > 2) bash autocomplete is not working when using an alias. I use autocomplete > a lot because I have few dozens of hosts entries in my ~/.ssh/config [snip] A different work-around would be to script the launching of several instances ssh-agent(1), a new one for each destination which uses agent forwarding, each socket with a unique, pre-decided name desginated using the -a option. That way the sockets would have predictable paths and the ssh_config(5) entries could thus use the IdentityAgent directive to point to the relevant socket for each destination. It's a more complex work-around requiring a little scripting. However, that way the agents would be more persistent and tab-completion should continue to work. /Lars _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
