I have user authentication set up using FreeIPA for a handful of computers in my home. SSH keys are handled through that.
I want to tab-autocomplete my ssh logins so I don't have to type my hostnames. This worked out of the box when I was playing around with Arch linux. I could type ssh me@my {tab} and it would complete to ssh me@myhost.mydomain.com and I could log in.
This does not work on ubuntu (I'm actually on Kubuntu, but don't think it matters). I've turned off HashKnownHosts in the /etc/ssh/ssh_config. And that works for a raspberry pi I have that is not controlled by FreeIPA. I can tab-complete that ssh login. But none of the freeipa ones.
There has to be a way to do this, because like I said it worked on Arch after I had logged in once through ssh. Maybe there is a separate file somewhere that can store these entries for me so that on second attempt it will look up there for auto completion? Or some way to interact with FreeIPA to get the hostnames. I noticed if I delete the known hosts in /var/lib/sss/pubconf/known_hosts and then log in to one of the freeipa machines, then that file gets populated with all the known hosts from freeipa. So I *think* maybe that file is populated from FreeIPA? But it's hashed, so I don't think that's where Arch was getting it from, since it's hashed (unless it gets hashed by ubuntu when coming over, but I turned off hash, so I don't think so).
Anyway, I'm just speculating and have no idea. I'm thinking a separate file/location from which ssh could look up the domains might be the best. Maybe then I could turn back on hashing for known_hosts which would probably be safer. But I don't really want to maintain a list, I would like to have it auto-add hosts I've logged into like on Arch.
Bookmarks