Open konklone opened 9 years ago
do we want to have to require a path to a keyfile or do we want to trust that ssh-agent
on the host understands that key?
fetch:sendak jane$ ssh-add -l
1024 7d:33:01:7e:97:55:b9:de:3b:cf:8d:d1:3b:ac:68:5f /Users/jane/.ssh/id_dsa (DSA)
2048 f0:e4:ad:98:ef:98:92:74:7b:ba:ef:97:04:dc:37:d4 /Users/jane/.ssh/jane-fetch-aws-root.pem (RSA)
Does that imply an .ssh/config
file too? Without that, I'd think that every SSH connection would run through all added keys in sequence before finding one that works. I've had bugs with that behavior before, which is why I use IdentitiesOnly yes
in my .ssh/config
, which forces SSH to only try the specific named key.
No. ssh-agent
looks, I think, in ~/.ssh
for key files and adds them. I don't actually have any explicit configuration for it in ~/.bash_profile
or in ~/.ssh/config
.
A command to
sendak make-me-a hubot
will need to accept a path to a private key file on local disk. This key path will be shuttled through the system until ultimately needed by the project's own instrumentation (e.g. Fabric) to configure the deployed infrastructure.