Re: OpenSSH VPN support

[Conrad Meyer <cemeyer u washington edu>]

On Friday 04 December 2009 08:35:16 pm you wrote:
> On Fri, 2009-12-04 at 19:27 -0800, Conrad Meyer wrote:
> > On Friday 04 December 2009 06:59:31 pm Daiki Ueno wrote:
> > > Dan Williams <dcbw redhat com> writes:
> > > > 3) Is there any way we can figure out what pub/priv keys to use? 
> > > > When I just ssh to a random host, ssh can find the keys I need to
> > > > use.  Could we do that here, and provide the ability to use specific
> > > > keys as an "Advanced" option?
> > >
> > > That is indeed possible by scanning ~/.ssh/ and sending pubkeys one by
> > > one until the server accepts one of them.  I will try to implement it.
> >
> > That isn't quite the behavior of ssh. Ssh reads the ~/.ssh/config file
> > and looks for IdentityFile directives.
> 
> Hmm, my ~/.ssh config doesn't have those.  So I assume there's a
> fallback like Daiki describes?

From the manpage:

-i identity_file
        Selects a file from which the identity (private key) for RSA or
        DSA authentication is read.  The default is ~/.ssh/identity for
        protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for pro-
        tocol version 2.  Identity files may also be specified on a per-
        host basis in the configuration file.  It is possible to have
        multiple -i options (and multiple identities specified in config-
        uration files).

(Unrelated: please don't CC on me on mailing list replies, I'm subscribed to  
the list. Thanks!)

Regards,
-- 
Conrad Meyer <cemeyer u washington edu>