-
Notifications
You must be signed in to change notification settings - Fork 565
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some options of ssh_config are not supported #1890
Comments
Will take a look. I consider this critical functionality so we will tackle this immediately. |
Hi! I could not replicate this behavior. I'm thinking maybe something is going on with the parser, like a previous line or whatever. Given that the issue is very early on, line 14, do you think you could send me the first one or two batches so I can try to replicate from my side? Feel free to do so to my email: Carlos at blink.sh. Thanks! PS: I misread IdentitiesOnly for IdentityFile. That option is not currently supported but it should not block the rest. I will add IdentitiesOnly to the backlog. |
Hi! Sure, I will narrow down my config to a piece that reproduces the problem and will send it to you |
This config:
Produces this output:
|
Thanks! I could replicate it easily now. I have an idea what may be going on, we should have this fixed for our TestFlight version tomorrow. Are you on it? |
not yet, how do I join? |
community.blink.sh - On how you found us, reference this issue so I know I need to add you immediately. |
I am having trouble following this link:
|
Ugh, sorry about that. Will reach out to Mailerlite. In the meantime, please send me the email to carlos at blink.sh. Thanks! |
Hi! So I've been checking things out and although the warning messages may show up, this should not affect the functionality. The proper flags, like ForwardAgent should still work. Is the agent not being forwarded in your scenario? Is there a specific flag not working? Thanks! |
Hi! I will double-check later today or this weekend |
Hi! So I tried a couple of approaches and here is what I got. I had loaded my ssh keys through GUI before. I tried connecting to one of my SSH hosts that is configured like this:
Connecting failed with:
Actually I expected that the ssh command would try all the keys I had specified earlier with GUI. I thought then that if I am trying to connect to a host that is configured through config, not GUI, then the ssh command must be using the keys in the .ssh/directory. So I copied my keys:
Specifying the key with '-i' does not help:
Actually -i does not work even with the key loaded through GUI:
Specifying the key with IdentityFile in config does not work either:
The only way I managed to make it work is by specifying the 'Dev' key through the IdentityFile:
The only key forwarded is the one I connected with:
Adding to the agent also fails:
But adding a key specified through GUI works!
Forwarding works as expected:
Then I thought that probably adding GUI-key to ssh-agent might help connecting and it did:
So to wrap it up here is what I think confused me:
|
Thanks a lot for the thorough description, it has been really helpful. So I have been working on solving some of the issues here as well as trying to iron out what the expectations are. I will try to reply in-line based on what Blink does and how I have changed based on what we think it should do.
|
Hi!
Yeah, I get it now. I did read all the docs you have on your website but of course missed some points. Probably it would be more handy for me if it was documented in |
The problem is that
|
To make it clear: GUI-keys are named 'Dev' and 'Git', key-files in the .ssh dir are named id_rsa[.pub] and id_rsa_git[.pub]
There is a mistake in the snippet, it should have been this:
I tried it now and it works, although I did not add the Dev key to the agent manually. Probably I made a mistake when was testing this case earlier.
ssh-add id_rsa_git does not work, because there is not GUI-key named id_rsa_git:
Got it |
THIS MESSAGE WAS HEAVILY EDITED BECAUSE I UNDERSTOOD THAT I GOT IT ALL WRONG The only problem I have left is that in order to forward my keys I need to add it manually to the agent each time I start blink. Is there any reason why you don't want it to be added automatically on startup? Probably I am missing a way how I can configure it to be done automatically? |
Thanks again, I flagged the conversations from my side so we will do the proper changes to help, etc... I was gonna ask you about how you would prefer to load keys as well given your number of hosts. Blink has a special agent that is basically an agent per host and a default agent. Usually, the default agent holds all the keys you want to forward to all hosts, like the usual ssh-agent, but this is known to be troublesome. If you create the host in Blink, then you can define what specific keys you want to forward there, so each host can have different access. This has to be done at the GUI as there is no standard ssh flag at the moment. You can also specify different "constraints" like Asking you every time before use, or once per connection, etc... Our idea here is that most people just forward keys to one or two hosts, and if they need to forward to more than that they probably want to have very specific control for when this happens (the manual way). So far, the per-host agent has really served us well and removed the need for the default agent. But does this work for you? Or would you rather have a more generic way to assign keys to group of hosts in the agent or the default agent? |
I have only two keys: one for connecting to hosts and one for communicating with git repos. Basically I need to be able to forward the 'git' key to any host I ssh to. I guess the default agent would work for me. Another option is to provide a way to initialise each shell session automatically with something like .bash_profile, so that I can ssh-add my keys there. |
Shipped on 17.2.0 Created #1960 to get control over the default agent. |
Checklist
Configuration
Blink version 17.0.1.840
iPad OS 17.0.3
Describe the bug
I have lots of hosts in my ssh config and setting all of those through GUI would take much time. I've searched for similar issues and somewhere saw that you support the comlete ssh_config. However at least there directives seem not to work:
To make it clear: I am using .ssh/config, not manual ssh config in the GUI
The text was updated successfully, but these errors were encountered: