I find the man page unambiguous: HostName specifies the singular real
host name to log into. Alternatively, a singular IP address is
permitted.
I can see how "Numeric IP addresses are also permitted" could be
construed as meaning multiple addresses on the one line, but, that's
an incorrect reading. It really means, IP addresses can be used in
HostName entries.
All of this fails to help the original question, which is how to
specify multiple IP addresses. The obvious answer to that is to put
multiple A records into your local DNS. If you don't have a local DNS
or have no control over it, specify multiple Hosts in your config, one
for each IP address.
Oh, I 100% agree. I was more trying to work through what the intent in the OP could even be. It seemed to me that the proposal hadn't been carefully thought through.
In hindsight, I guess the logic could be interpreted as "try each address assigned to the Hostname in order until one succeeds".
But as you say, this would conventionally be handled just by having a separate Host per Hostname, eg
Host foo.ipv4
Hostname 192.168.0.1
Host foo.ipv6
Hostname fc00::1
I already don't like the way the client just goes through the possible private keys one at a time until the connection succeeds. IMO IdentitiesOnly should default to "yes" instead of "no".
That is, I think there should be a principle of "minimise client guessing games". So, even if multiple entries makes sense for Hostname, I would still be inclined to disagree with any proposal to add this feature.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
