0

Disclaimer: originally I asked this question on StackOverflow and it was legitimately marked off-topic and think it fits better here. In the meantime I found the problem (see intermediate solution below).

Original problem

I am on a Windows client and want to connect via SSH to an Ubuntu Client.

my configuration (which is working) looks like this:

Host myhost ForwardAgent Yes Host myuser@myhost HostName myhost User myuser

I can connect, fowarding works as expected, so that ssh-add -l on the remote shows the identity from my connecting client.

Now, what I do not understand is, why the following configuration does not work:

Host myuser@myhost ForwardAgent Yes HostName myhost User myuser

In that case I can at least connect through SSH, but the forwarding does not work, so that running ssh-add -l again returns:

Could not open a connection to your authentication agent.

To me the second configuration looks basically the same but in one step rather in two.

What am I missing here?

What I tried

One suggestion that I got was to replace the @ sign with another. This unfortunately it was not working.

Then I made some minor changes like lowercase yes for example. Nothing changed.

intermediate solution

After really just trying in try and error-style. I found that the first Host naming style was OK:

Host myhost HostName myhost User myuser ForwardAgent yes

And it turns out, that I can change the Host as I was but I must not include the name from User ? This turns out as a pattern.

Questions

  • Does someone understand why the User is not allowed?
  • what is the best practice when I want to include another specification but with another user? My first configuration followed that intention, see:
Host user1@myhost HostName myhost User user1 ForwardAgent yes Host user2@myhost HostName myhost User user2 ForwardAgent yes

Which would not work.

Also not working:

Host myuser-myhost HostName myhost User myuser ForwardAgent yes

or

Host myhost-myuser HostName myhost User myuser ForwardAgent yes

or

Host myhostmyuser HostName myhost User myuser ForwardAgent yes Host myusermyhost HostName myhost User myuser ForwardAgent yes

not even

Host mymyuserhost HostName myhost User myuser ForwardAgent yes

really confused. How do I distinct two configurations with two different users then? Only by having two different files?

Improve this question

1 Answer 1

Reset to default
1

Host is supposed to match a hostname given as a command line argument to ssh, like ssh host. It can be a pattern with wildcards like * or ?. It doesn't include a username. When you connect with a command like ssh user1@myhost then this argument is split into a username user1 and a hostname myhost and the hostname would match against Host directives. As the symbol @ isn't a wildcard then your Host user1@myhost would never match myhost.

If you want the configuration to apply to a specific user only then you need to use the Match directive instead of Host, like the following:

Match host myhost user user1

See the documentation.

Improve this answer
1
  • Ah, now I understand. Afterall, I still was a little confused why there would be an option to define User as well. From the docs: User [...] saves the trouble of having to remember to give the user name on the command line. So the User is for the lazy people of us and Match is for the restrictive people of us :D Thank you very much @AlexD Commented Mar 14, 2024 at 20:43

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.