mirror of
https://gitea.com/mcereda/oam.git
synced 2026-02-09 05:44:23 +00:00
77 lines
2.3 KiB
Plaintext
77 lines
2.3 KiB
Plaintext
################################################################################
|
|
## ~/.ssh/config
|
|
##
|
|
## Gotchas:
|
|
## - priority goes from top to bottom
|
|
## - defaults MUST come last
|
|
## - canonicalization as a default MUST be on top to force a config reload
|
|
## when checking hosts matching it
|
|
## - host specificity is NOT a factor of priority
|
|
## - host sections can be specified multiple times
|
|
## - multiple hostnames (and aliases) may be specified per section
|
|
## - host sections apply to the name you use (not what it resolves to)
|
|
################################################################################
|
|
|
|
# Canonicalize host names before connecting
|
|
# On top, so it forces a config reload for canonical hosts
|
|
CanonicalizeHostname yes
|
|
CanonicalDomains lan local my.org
|
|
|
|
# Legacy hosts' specific settings
|
|
# E.g. old key algorithms
|
|
Host legacy
|
|
BatchMode yes
|
|
ForwardAgent yes
|
|
HostKeyAlgorithms +ssh-dss
|
|
Port 2222
|
|
|
|
# Virtual Machines' specific settings
|
|
# E.g. no key checking due to them being ephemeral
|
|
Host local vm*
|
|
Hostname localhost
|
|
IdentitiesOnly yes
|
|
IdentityFile ~/.ssh/id_rsa
|
|
StrictHostKeyChecking no
|
|
UserKnownHostsFile /dev/null
|
|
|
|
# Network devices' specific settings
|
|
# E.g. firewalls and switches
|
|
Host net?a?-fw? org?-h?-sw?
|
|
CanonicalDomains my.org
|
|
CanonicalizeMaxDots 0
|
|
Host !bastion* *.brt*.my.org *.brs? *.brs??
|
|
ProxyCommand ssh -W %h:%p `host bastion.my.org | awk '/address/ {print $4; exit}' | xargs host | cut -d\ -f5`
|
|
|
|
# Home devices' specific settings
|
|
Host omnia turris
|
|
AddressFamily inet6
|
|
IdentitiesOnly yes
|
|
User root
|
|
Host pi* raspberrypi*
|
|
AddKeysToAgent no
|
|
SendEnv -LC_* PAGER
|
|
SetEnv FOO=bar
|
|
UseKeyChain no
|
|
User pi
|
|
|
|
# User-specific settings
|
|
Match user robots
|
|
IdentityFile ~/.ssh/id_ed25519
|
|
ServerAliveInterval 300
|
|
ServerAliveCountMax 2
|
|
|
|
# Default settings start here
|
|
|
|
AddKeysToAgent yes
|
|
Compression yes
|
|
HashKnownHosts no
|
|
ServerAliveInterval 300
|
|
ServerAliveCountMax 2
|
|
UseKeyChain yes
|
|
|
|
# Keep connections open for some time to reuse them
|
|
# %C returns a hash of different information and is useful as socket identifier
|
|
ControlMaster auto
|
|
ControlPersist 30s
|
|
ControlPath ~/.ssh/control-%C
|