jdeluyck
Occasional Contributor
2 months ago

SSH Key priority

Hi,

I've got an SSH config block like

host target1.internal.network    
       hostname host.external-net.com
       IdentityFile ~/.ssh/public_key_target1.pub
       user target1 
       port 2222

and fallback

host *
       IdentityAgent ~/.1password/agent.sock
       ForwardAgent no
       ServerAliveInterval 60
       User myUser
       IdentitiesOnly yes
       IdentityFile ~/.ssh/fallback_key.pub

which contains a key for all hosts that I don't explicitly specify. 

I was expecting SSH to just take the first IdentityFile, but it offers both to my target, unfortunately in the wrong order (the fallback first, which gets rejected, and then the right one).

Is there any way to change the order of the keys offered? I thought it was perhaps alphabetical, but renaming the fallback key had zero effect.

Edit: 

Using 

host *
       IdentityAgent ~/.1password/agent.sock
       ForwardAgent no
       ServerAliveInterval 60
       User myUser
       IdentitiesOnly yes

match originalhost *,!*.internal.network
       IdentityFile ~/.ssh/fallback_key.pub

works, but it is not ideal

1 Reply

  • MarcusEvans
    New Contributor

    I came here for the same question. Perhaps 1P_Phil can take a look at this and update the documentation to clarify this. I think using bookmarks (https://developer.1password.com/docs/ssh/bookmarks) will be the way to go, but it would be very nice if the manual could describe this very common scenario, because honestly, I lost my way between the ~/home/.ssh/config file, the toml file and the ~/.ssh/1Password/config file.

    Could you please describe in the manual the recommended solution for a scenario where you specify a specific ssh key for some hosts and use a fallback key for all remaining hosts? Thanks.
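
An added example, not part of the thread and not OpenSSH or 1Password code: a small model of how ssh_config evaluation treats the two configurations from the question. Most options keep the first value obtained, while IdentityFile entries accumulate across every matching block, which is why the first configuration yields two keys for target1 and the `match originalhost` variant yields one. The function names `pattern_list_matches` and `resolve`, the abridged config strings and the host `other.example.com` are assumptions made for illustration; the model covers only which entries apply, not the order in which keys are offered.

```python
from fnmatch import fnmatchcase

# Constructed sample input: the question's two configurations, abridged.
BEFORE = """\
Host target1.internal.network
    IdentityFile ~/.ssh/public_key_target1.pub
    User target1
Host *
    User myUser
    IdentitiesOnly yes
    IdentityFile ~/.ssh/fallback_key.pub
"""
AFTER = """\
Host target1.internal.network
    IdentityFile ~/.ssh/public_key_target1.pub
    User target1
Host *
    User myUser
    IdentitiesOnly yes
Match originalhost *,!*.internal.network
    IdentityFile ~/.ssh/fallback_key.pub
"""

def pattern_list_matches(patterns, name):
    """Pattern list: a negated match vetoes, otherwise one positive match is needed."""
    hit = False
    for p in patterns:
        if p.startswith("!"):
            if fnmatchcase(name, p[1:]):
                return False
        elif fnmatchcase(name, p):
            hit = True
    return hit

def resolve(config, name):
    """Effective options for `name` as typed on the command line (simplified model)."""
    opts, active = {}, True
    for words in filter(None, (l.split() for l in config.splitlines())):
        key, args = words[0].lower(), words[1:]
        if key == "host":  # Host takes whitespace-separated patterns
            active = pattern_list_matches(args, name)
        elif key == "match":  # only 'originalhost <comma list>' is modelled here
            active = args[0].lower() == "originalhost" and pattern_list_matches(args[1].split(","), name)
        elif active and key == "identityfile":
            opts.setdefault(key, []).append(args[0])  # accumulates across blocks
        elif active:
            opts.setdefault(key, args[0])  # first obtained value wins
    return opts
```

On a real system, `ssh -G target1.internal.network` prints the options ssh itself resolves for that host, including every `identityfile` line that applies.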