On a Jenkins server, there are two pairs SSH private and public keys in the ~/.ssh/ directory which apparently are both used to authenticate with the same external server. However, I don't know which user name to use for one of the certificates.
Is the user name information part of the SSH keys? Or are key and user name only mapped on the server accepting the certificate-based authorization?
The user's name is not part of the key.
On the server's end, the file ~/.ssh/authorized_keys identifies which keys are allowed to log in to a particular account. The name following the key is typically the user's name, but since SSH ignores that, it can be anything. Any number of keys can be in this file, so many keys can be authorized if desired.
On the client end, the key used by default is in ~/.ssh/id_rsa or ~/.ssh/id_dsa but that can be changed by passing -i to the ssh command.
-i identity_file
Selects a file from which the identity (private key) for RSA or
DSA authentication is read. The default is ~/.ssh/identity for
protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for pro-
tocol version 2. Identity files may also be specified on a per-
host basis in the configuration file. It is possible to have
multiple -i options (and multiple identities specified in config-
uration files).
In this way, the server and client do not have to share the same username.
