config IdentityFile entries ignored with agent

Bug #1130191 reported by Serge Hallyn
This bug affects 1 person

Affects: openssh (Ubuntu)
Status: Invalid
Importance: Medium
Assigned to: Rolf Leggewie

Bug Description

I have a pair of ssh config entries which look like:

Host host1
    User serge
    Identityfile host1key
    ProxyCommand none

Host cloud-*
  User ubuntu
  StrictHostKeyChecking no
  IdentityFile ~/some/path/cloudkey
  ProxyCommand ssh host1 nc -q0 %h.cloud %p

If I'm logged in through unity, ssh -vvv cloud-* shows that it tries all
of the ssh keys under ~/.ssh instead of the named IdentityFile. I
assume ssh would eventually get to trying host1key, but the remote end
(host1) refuses the login before getting to that. It should try
the listed IdentityFile first.

Note:
I had a set of password-less keys under ~/.ssh for testing purposes.
gnome-keyring-daemon auto-loads those, so that doing 'ssh-add -D'
doesn't help. When not running gnome-keyring-daemon, you can avoid
this by only loading the needed keys into the ssh-agent.
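
An added example, not part of the original report or of OpenSSH: a small Python check that flags Host blocks which name an IdentityFile without `IdentitiesOnly yes`, the ssh_config option that restricts ssh to the configured identity files even if an agent offers more. The function names are hypothetical, the sample input is the report's two blocks trimmed to the relevant keywords, and Match blocks and overlapping Host patterns other than `*` are not resolved.

```python
import re

# Constructed input: the two Host blocks from the report, trimmed to the relevant keywords.
REPORTED = """\
Host host1
    Identityfile host1key
    ProxyCommand none

Host cloud-*
  IdentityFile ~/some/path/cloudkey
  ProxyCommand ssh host1 nc -q0 %h.cloud %p
"""
# Same blocks with IdentitiesOnly yes added to each (an assumed change, not from the report).
HARDENED = REPORTED.replace("ProxyCommand", "IdentitiesOnly yes\n  ProxyCommand")

def parse_blocks(text):
    """[(host_patterns, {keyword: [values]})]; keywords lowercased, options
    before the first Host line filed under '*' since they apply to all hosts."""
    current = (["*"], {})
    blocks = [current]
    for line in text.splitlines():
        # Accepts "Keyword value" and "Keyword=value"; comments and blanks do not match.
        m = re.match(r"\s*(\w+)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            current = (value.split(), {})
            blocks.append(current)
        else:
            current[1].setdefault(key, []).append(value)
    return blocks

def unpinned_identity_blocks(text):
    """Host patterns whose block names an IdentityFile while IdentitiesOnly is
    not 'yes' for it, so keys held by an agent are still offered."""
    blocks = parse_blocks(text)
    setting = lambda o: o.get("identitiesonly", [None])[0]
    global_yes = any(setting(o) == "yes" for p, o in blocks if p == ["*"])
    def pinned(o):  # an explicit value in the block wins over the catch-all
        return setting(o) == "yes" or (setting(o) is None and global_yes)
    return [" ".join(p) for p, o in blocks
            if "identityfile" in o and not pinned(o)]

if __name__ == "__main__":
    print("reported:", unpinned_identity_blocks(REPORTED))
    print("hardened:", unpinned_identity_blocks(HARDENED))
```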

description: updated
Serge Hallyn (serge-hallyn) wrote :

Another way to look at this:

when I ssh -vvv Host1, I see "loading entries for host "Host1""
but when I ssh -vvv cloud-1, I only see "loading entries for cloud-1", no line about "loading entries for Host1".

Changed in openssh (Ubuntu):
importance: Undecided → Medium
Rolf Leggewie (r0lf) wrote :

Still an issue in bionic or later?

Changed in openssh (Ubuntu):
assignee: nobody → Rolf Leggewie (r0lf)
status: New → Incomplete
Rolf Leggewie (r0lf) wrote :

closing as unreproducible

Changed in openssh (Ubuntu):
status: Incomplete → Invalid