X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=rootsshsync;fp=rootsshsync;h=9db6b73d95d27bfefc81cc4c14386fa1b0d7422f;hb=f27b67a1dfa58b5f101bba607b2f91a73e65299e;hp=5395c44ced87fbf7624fdbaff11ca95a4772f675;hpb=7ed3b98c4d3678d982c33741f1f42727144e66ce;p=distro-setup

diff --git a/rootsshsync b/rootsshsync
index 5395c44..9db6b73 100755
--- a/rootsshsync
+++ b/rootsshsync
@@ -63,7 +63,11 @@ if [[ -e $user_ssh_dir/config ]]; then
   # eg, in an ssh shell. confirm for regular user provides some protection
   # that a rouge user program cant use my ssh key.
   sed 's,^AddKeysToAgent confirm,AddKeysToAgent yes,;/^UserKnownHostsFile /d' $user_ssh_dir/config >/root/.ssh/confighome
-  sed 's,^IdentityFile ~/\.ssh/home$,IdentityFile ~/\.ssh/h,' /root/.ssh/confighome >/root/.ssh/config
+  # having a different control path avoids the problem of
+  # forgetting to use confighome, and then after specifying it,
+  # it uses the multiplex socket, which means that the different
+  # key in confighome is not actually used unless we do ssh -O exit HOST.
+  sed 's,^IdentityFile ~/\.ssh/home$,IdentityFile ~/\.ssh/h\nControlPath /tmp/ssh_hmux_%u_%h_%p_%r,' /root/.ssh/confighome >/root/.ssh/config
 fi
 chown -R root:root /root/.ssh