如何将与SSH密钥相关的文件移动到另一个目录?

huangapple go评论79阅读模式
英文:

how to move ssh-key related files to another directory?

问题

我一直在尝试清理我的根目录,以便不会被随机的点文件混淆。

然而,在设置 ssh-key 时,我陷入了僵局,找不到一种方法将 known_hosts 文件迁移到另一个位置 ($XDG_CONFIG_HOME/ssh/config)。

我使用以下命令生成了我的 ssh-key

mkdir -p $XDG_CONFIG_HOME/ssh
ssh-keygen -t ed25519 -C "my@email.com" -f $XDG_CONFIG_HOME/ssh/id_ed25519

但我仍然需要创建一个 ~/.ssh/config 文件,指向我的 $XDG_CONFIG_HOME/ssh/config 文件,这令人沮丧,因为我想摆脱 ~/.ssh 目录。

我尝试了几种方法之一是将环境变量 SSH_CONFIG 设置为 $XDG_CONFIG_HOME/ssh/config,但这也没有奏效。

⚠️ 我使用 macOS 和 fish shell 以防混淆

这是 $XDG_CONFIG_HOME/ssh/ 目录结构:

config
id_ed25519
id_ed25519.pub
known_hosts #这个文件被忽略,因为 ssh 期望它在 ~/.ssh/ 中

这是 $XDG_CONFIG_HOME/ssh/config 文件:

GlobalKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts #这也没有帮助
Host github.com
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile $XDG_CONFIG_HOME/ssh/id_ed25519

目前有效的解决方法仅是创建一个 .ssh/config 文件,其中包含值 UserKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts,这使得我整个文件的迁移变得无意义。

.ssh/config 文件:

UserKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts

我是否漏掉了什么?

我该如何解决这个问题?

或者有没有更好的组织根文件夹的方法?

我尝试设置环境变量 SSH_CONFIG,但它似乎忽略了它:

set -Ux SSH_CONFIG ~/.config/ssh/config #fish 语法,与 export SSH_CONFIG="$HOME/.config/ssh/config" 相同
英文:

i've been trying to clean up my root directory so that it isn't clustered with random dotfiles.
nonetheless, on setting up the ssh-key i came to a dead-end, where i wouldn't find a way to migrate known_hosts file to the other direction ($XDG_CONFIG_HOME/ssh/config).

i used this command to generate my ssh-key:

mkdir -p $XDG_CONFIG_HOME/ssh
ssh-keygen -t ed25519 -C "my@email.com" -f $XDG_CONFIG_HOME/ssh/id_ed25519

but yet i need to create a ~/.ssh/config file to point at my $XDG_CONFIG_HOME/ssh/config file, which is frustrating because i want to get rid of the ~/.ssh directory

i used several approaches one of them was to set an env var SSH_CONFIG to $XDG_CONFIG_HOME/ssh/config but that didn't work either

⚠️ i'm using macOS and fish shell to prevent confusion

this is the $XDG_CONFIG_HOME/ssh/ directory structure:

config
id_ed25519
id_ed25519.pub
known_hosts #this file is ignored as ssh expects its in ~/.ssh/

this is the $XDG_CONFIG_HOME/ssh/config file:

GlobalKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts #this doesn't help either 
Host github.com
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile $XDG_CONFIG_HOME/ssh/id_ed25519

and the current fix that is working, is only creating a .ssh/config with the value UserKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts, which makes my whole migration of the files pointless.

.ssh/config file:

UserKnownHostsFile $XDG_CONFIG_HOME/ssh/known_hosts

is there something that i'm missing?

how can i fix this?

or is there a better way of organising one selfs root folder?

i tried to set the env var SSH_CONFIG but it seems to ignore it:

set -Ux SSH_CONFIG ~/.config/ssh/config #fish syntax, it's the same as: export SSH_CONFIG="$HOME/.config/ssh/config"

答案1

得分: 0

OpenSSH 不支持 $XDG_CONFIG_HOME。这个问题很多年前就被提出过,但被拒绝了。

不幸的是,现在的 bug 追踪器需要登录,所以这里有一个存档链接:https://web.archive.org/web/20190925004614/https://bugzilla.mindrot.org/show_bug.cgi?id=2050

这是维护者的解释:

不支持。

OpenSSH(以及它的祖先 ssh-1.x)在使用 ~/.ssh 的历史已有 17 年之久。这个位置已经深入人心,数百万的配置和无数的工具都在使用。

要改变配置文件的位置需要非常充分的理由,而且跟随桌面应用的趋势(OpenSSH 不是桌面应用)是不够的。

所以你要么创建一个符号链接,要么将所有 ssh 工具别名到一个不同的配置文件。不幸的是,如果你使用 -F /path/to/config

如果在命令行上指定了一个配置文件,系统范围的配置文件(/etc/ssh/ssh_config)将被忽略。

所以这也不是一个好主意。我建议你只是使用这个目录。

英文:

OpenSSH has no support for $XDG_CONFIG_HOME. This has been asked for years ago and rejected.

Unfortunately the bug tracker is now login-only, so here's an archive link: https://web.archive.org/web/20190925004614/https://bugzilla.mindrot.org/show_bug.cgi?id=2050

And here's the maintainer's justification:

> No.

>OpenSSH (and it's ancestor ssh-1.x) have a 17 year history of using ~/.ssh. This location is baked into innumerable users' brains, millions of happily working configurations and countless tools.

>Changing the location of our configuration would require a very strong justification and following a trend of desktop applications (of which OpenSSH is not) is not sufficient.

So you'll either have to make a symlink or alias all ssh tools to read a different config file. Unfortunately, if you give -F /path/to/config:

> If a configuration file is given on the command line, the system-wide configuration file (/etc/ssh/ssh_config) will be ignored

So this isn't a great idea either. My advice is to simply live with the directory.

huangapple
  • 本文由 发表于 2023年6月5日 18:39:33
  • 转载请务必保留本文链接:https://go.coder-hub.com/76405618.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定