Home / Use a different rsa identity file when using ssh

Use a different rsa identity file when using ssh

You may need to use different identity files when logging into ssh/sftp servers, so this post shows how to specify a different one to use from the command line, and then always using that key by default in the config file.

ssh -i command line flag

Normally your default identity file will be at ~/.ssh/id_rsa, but let’s say we’ve created another rsa file at ~/.ssh/id_rsa2 and need to use that when connecting to ssh.example.com.

The -i flag allows you to use a different keyfile:

ssh -i ~/.ssh/id_rsa2 ssh.example.com

Using the config file

Now you don’t want to have to specify that -i flag every time you connect, and if you are using e.g. git to pull updates over ssh, you won’t be able to specify it anyway. So a much better way to specify the file to use is in the config file.

If you don’t already have a file at ~/.ssh/config, then create it, and then add this for our ssh.example.com example:

Host ssh.example.com
  IdentityFile ~/.ssh/id_rsa2

Much easier! Above I talked about how when you’re doing a "git pull" you won’t be able to specify the identity file, and this is when I first needed to implement this. I have an account at Bitbucket and a separate deployment key which I use for it. So this is what I added to the config file:

Host bitbucket.org
  IdentityFile ~/.ssh/id_rsa_bitbucket