replace proxyjump with proxycommand for v6

[etc/ssh.git] / .ssh / config.in

diff --git a/.ssh/config.in b/.ssh/config.in
index 8d6c4e9e4a30bcf10a4789546affc5ba1f177766..6799d6238e0b1fe97228fbb2f49665fe7f88f16b 100644 (file)
--- a/.ssh/config.in
+++ b/.ssh/config.in
@@ -4,97 +4,113 @@ Host 127.0.0.1 | localhost
   ForwardX11Trusted yes
   NoHostAuthenticationForLocalhost yes
 
-Host pulse.madduck.net | pulse
-  ForwardAgent yes
-  Hostname pulse.madduck.net
-  #AddressFamily inet
-Host svn.madduck.net | svn
-  User madduck
-  HostKeyAlias pulse.madduck.net
-Host debian.madduck.net | debian
-  User madduck
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
-Host openvpn.madduck.net | openvpn
-  User madduck
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
-Host backup.madduck.net | backup
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
+### CHARADE KVM HOST
 
-Host khyber.madduck.net | khyber
+Host charade.madduck.net | charade
   ForwardAgent yes
-  Hostname khyber.madduck.net
-Host khyber-vnc
+  Hostname charade.madduck.net
+Host charade-vnc
   ControlMaster no
   ControlPath none
-  Hostname khyber.madduck.net
+  Hostname charade.madduck.net
 
-Host wots.madduck.net | wots
+Host emily.madduck.net | emily
   ForwardAgent yes
-  Hostname wots.madduck.net
-Host buildd.debian.madduck.net | buildd
-  HostKeyAlias wots.madduck.net
+  Hostname emily.madduck.net
 
-Host lotus.madduck.net | lotus
+Host matilda.madduck.net | matilda
   ForwardAgent yes
-  Hostname lotus.madduck.net
-Host git.madduck.net | git
-  User git
-  HostKeyAlias lotus.madduck.net
-Host git.debian.ch
+  Hostname matilda.madduck.net
+Host irc-host.madduck.net | irc-host
+  User madduck
+  HostKeyAlias matilda.madduck.net
+  ConnectTimeout 60
+
+Host vizier.madduck.net | vizier
+  ForwardAgent yes
+  Hostname vizier.madduck.net
+Host admin.madduck.net | admin
+  Hostname admin.madduck.net
+  HostKeyAlias vizier.madduck.net
   User git
-  HostKeyAlias lotus.madduck.net
 
-Host sysyphus.madduck.net | sysyphus
+Host ambassador.madduck.net | ambassador
   ForwardAgent yes
-  Hostname sysyphus.madduck.net
-Host ssh443.madduck.net | ssh443
-  User madduck
-  HostKeyAlias sysyphus.madduck.net
+  Hostname ambassador.madduck.net
+
+Host alan.madduck.net | alan
   ForwardAgent yes
-  Port 443
+  Hostname alan.madduck.net
+Host git.madduck.net | git
+  User git
+  HostKeyAlias alan.madduck.net
 
-Host jugband.madduck.net | jugband
+Host swan.madduck.net | swan
   ForwardAgent yes
-  Hostname jugband.madduck.net
+  Hostname swan.madduck.net
 
-Host vera.madduck.net | vera
+Host pulse.madduck.net | pulse
   ForwardAgent yes
-  Hostname vera.madduck.net
+  Hostname pulse.madduck.net
 
-Host swan-host | swan-host.madduck.net
-  Hostname swan-host.madduck.net
-  User krafft
+Host seamus.madduck.net | seamus
+  ForwardAgent yes
+  Hostname seamus.madduck.net
 
-Host swan.madduck.net | swan
+Host cymbaline.madduck.net | cymbaline
   ForwardAgent yes
-  Hostname swan.madduck.net
+  Hostname cymbaline.madduck.net
 
-Host domine.madduck.net | domine
+### KHYBER KVM HOST
+
+Host khyber.madduck.net | khyber
   ForwardAgent yes
-  Hostname domine.madduck.net
+  Hostname khyber.madduck.net
+Host khyber-vnc
+  ControlMaster no
+  ControlPath none
+  Hostname khyber.madduck.net
 
-Host irc
-  Hostname domine.madduck.net
-  ConnectTimeout 60
+Host bike.madduck.net | bike
+  ForwardAgent yes
+  Hostname bike.madduck.net
 
+Host lotus.madduck.net | lotus
+  ForwardAgent yes
+  Hostname lotus.madduck.net
 Host martin-krafft.net
   User madduck
-  HostKeyAlias seamus.madduck.net
+  HostKeyAlias lotus.madduck.net
 Host phd.martin-krafft.net
   User madduck
-  HostKeyAlias seamus.madduck.net
+  HostKeyAlias lotus.madduck.net
 Host madduck.net
   User madduck
-  HostKeyAlias seamus.madduck.net
+  HostKeyAlias lotus.madduck.net
+
+Host domine.madduck.net | domine
+  ForwardAgent yes
+  Hostname domine.madduck.net
 Host imap.madduck.net
   HostKeyAlias domine.madduck.net
 
+Host sysyphus.madduck.net | sysyphus
+  ForwardAgent yes
+  Hostname sysyphus.madduck.net
+Host ssh443.madduck.net | ssh443
+  HostKeyAlias sysyphus.madduck.net
+  ForwardAgent yes
+  Port 443
+Host openvpn.madduck.net | openvpn
+  HostKeyAlias sysyphus.madduck.net
+
+### UNI ZURICH MACHINES
+
 Host diamond.madduck.net | diamond
   ForwardAgent yes
   Hostname diamond.madduck.net
+Host debian.madduck.net | debian
+  HostKeyAlias diamond.madduck.net
 Host scratch.madduck.net | scratch
   User madduck
   HostKeyAlias diamond.madduck.net
@@ -114,20 +130,38 @@ Host flics.madduck.net | flics
 Host shelter.madduck.net | shelter
   ForwardAgent yes
   Hostname shelter.madduck.net
+Host backup.madduck.net | backup
+  HostKeyAlias shelter.madduck.net
 
-Host sheep.umverkehr.ch | sheep | webmail.madduck.net | webmail
-  Hostname sheep.umverkehr.ch
-  User madduck
+Host sergei.ifi.uzh.ch | sergei
+  Hostname sergei.ifi.uzh.ch
+  User krafft
+Host nikolai.ifi.uzh.ch | nikolai
+  Hostname nikolai.ifi.uzh.ch
+  User krafft
+Host franz.ifi.uzh.ch | franz
+  Hostname franz.ifi.uzh.ch
+  User krafft
 
-Host lapse.rw.madduck.net | lapse.gern.madduck.net | lapse
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
+### PIPER / BYTEMARK
 
-Host fishbowl.rw.madduck.net | fishbowl.gern.madduck.net | fishbowl
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
+Host piper.madduck.net | piper
+  Hostname piper.madduck.net
+
+### CIRRUS / HETZNER
+
+Host cirrus.madduck.net | cirrus
+  Hostname cirrus.madduck.net
+
+### ARNOLD / GPLHOST
+
+Host arnold.madduck.net | arnold
+  Hostname arnold.madduck.net
+Host arnold-host | arnold-host.madduck.net
+  Hostname arnold-host.madduck.net
+  User xen05
+
+### GERN
 
 Host wall.gern.madduck.net | wall
   CheckHostIP no
@@ -137,55 +171,65 @@ Host wall.gern.madduck.net | wall
 Host julia.gern.madduck.net | julia
   Hostname julia.gern.madduck.net
   ForwardAgent yes
-Host juliae
-  Hostname wall.gern.madduck.net
-  Port 22002
-  CheckHostIP no
-  ForwardAgent yes
   ForwardX11 yes
-  HostKeyAlias julia.gern.madduck.net
 
-Host galaxy-s2.phones.gern | galaxy-s2
-  Hostname galaxy-s2.phones.gern
-  User root
+Host julia-via-diamond
+  Hostname julia.gern.madduck.net
+  ProxyJump diamond.madduck.net
 
-Host embryo.gauting.madduck.net | embryo
-  CheckHostIP no
+Host git.gern.madduck.net | git.gern
   ForwardAgent yes
-  Hostname embryo.gauting.madduck.net
-  HostKeyAlias embryo.gauting.madduck.net
+  HostKeyAlias julia.gern.madduck.net
+Host annex.gern.madduck.net | annex.gern
+  ForwardAgent yes
+  HostKeyAlias julia.gern.madduck.net
+Host shared.gern.madduck.net | shared.gern
+  ForwardAgent yes
+  HostKeyAlias julia.gern.madduck.net
 
-Host piper.gern.madduck.net | piper
-  Hostname piper.gern.madduck.net
+Host pict.gern.madduck.net | pict
+  Hostname pict.gern.madduck.net
   ForwardAgent yes
   ForwardX11 yes
 
-Host albatross.gern.madduck.net | albatross
-  Hostname albatross.gern.madduck.net
-  ForwardAgent yes
+Host jugband.gern.madduck.net | jugband.gern | jugband
+  Hostname jugband.gern.madduck.net
   ForwardX11 yes
-Host albatrosse
-  Hostname wall.gern.madduck.net
-  Port 22032
+  HostKeyAlias jugband.gern
+
+Host visitor*.gern.madduck.net | visitor*.gern | visitor*
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+
+### LEHEL
+
+Host clegg.lehel.madduck.net | clegg.lehel | clegg
   CheckHostIP no
   ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias albatross.gern.madduck.net
+  Hostname clegg.lehel.madduck.net
 
-Host pict.gern.madduck.net | pict
-  Hostname pict.gern.madduck.net
+Host albatross.lehel.madduck.net | albatross.lehel | albatross
+  Hostname albatross.lehel.madduck.net
   ForwardAgent yes
   ForwardX11 yes
-#  AddressFamily inet
-
-Host visitor*.gern.madduck.net | visitor*.gern | visitor*
+  HostKeyAlias albatross.lehel
+Host albatross-luks
+  Hostname albatross.lehel.madduck.net
   StrictHostKeyChecking no
   UserKnownHostsFile /dev/null
+  User root
+
+Host albatross-via-diamond
+  Hostname albatross.lehel.madduck.net
+  ProxyJump diamond.madduck.net
+
+### GAUTING
 
-Host auge-fr.no-ip.org | auge
+Host embryo.gauting.madduck.net | embryo
   CheckHostIP no
-  Hostname auge-fr.no-ip.org
-  HostKeyAlias helena.home.mjollnir.org
+  ForwardAgent yes
+  Hostname embryo.gauting.madduck.net
+  HostKeyAlias embryo.gauting.madduck.net
 
 Host mother.gauting | mother | mother.gauting.madduck.net
   Hostname mother.gauting
@@ -193,7 +237,7 @@ Host mother.gauting | mother | mother.gauting.madduck.net
   ForwardX11 yes
 Host mothere
   Hostname embryo.gauting.madduck.net
-  Port 22221
+  Port 22021
   CheckHostIP no
   ForwardAgent yes
   ForwardX11 yes
@@ -211,246 +255,149 @@ Host bricke
   ForwardX11 yes
   HostKeyAlias brick.gauting.madduck.net
 
-Host clegg.lehel.madduck.net | clegg
+### MOUNT VICTORIA
+
+Host atom.mtvic.madduck.net | atom.mtvic | atom
+  Hostname atom.mtvic.madduck.net
+  ForwardAgent yes
+
+Host atom-via-sysyphus
+  HostKeyAlias atom.mtvic.madduck.net
+  ProxyCommand ssh sysyphus.madduck.net nc -q0 localhost 22015
+
+Host bell.mtvic.madduck.net | bell.mtvic | bell | chip
+  Hostname bell.mtvic.madduck.net
+  ForwardAgent yes
+
+### ROAD WARRIORS
+
+Host fishbowl.*
   CheckHostIP no
   ForwardAgent yes
-  Hostname clegg.lehel.madduck.net
+  ForwardX11 yes
+  HostKeyAlias fishbowl
 
-Host zlinli.no-ip.org | zlinli
+Host fishbowl | fishbowl.rw.madduck.net
   CheckHostIP no
-  Hostname zlinli.no-ip.org
+  ForwardAgent yes
+  ForwardX11 yes
+  HostKeyAlias fishbowl
+  ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{gern,lehel,gauting,mtvic,rw}.madduck.net; eval fping -aAC1 -t500 $TRIES 2>&1 & eval fping6 -aAC1 -t500 $TRIES 2>&1; wait) | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; exec nc -vq0 \${TARGETS%%%%,*} %p"
 
-Host debian-community.org | bikeshed.debian-community.org | bikeshed
-  Hostname bikeshed.debian-community.org
-  User madduck
-  ForwardAgent no
-  ForwardX11 no
+### LOCAL VIRT HOSTS
 
-Host alioth.debian.org | alioth
-  hostKeyAlias wagner.debian.org
-  User madduck
+Host wafer.virt
+  RemoteForward 25000 localhost:25
+  ForwardX11 yes
 
-Host svn.debian.org
-  HostKeyAlias vasks.debian.org
-  User madduck
-Host git.debian.org
-  HostKeyAlias vasks.debian.org
-  User madduck
-Host hg.debian.org
-  HostKeyAlias vasks.debian.org
-  User madduck
-Host cvs.debian.org
-  HostKeyAlias vasks.debian.org
-  User madduck
+Host red | green | blue | yellow | black | white | orange | violet | wafer
+  CanonicalDomains virt
+  CanonicalizeHostname yes
+  CanonicalizeFallbackLocal no
+  CanonicalizeMaxDots 0
+  VerifyHostKeyDNS no
+  CheckHostIP no
+  ForwardAgent yes
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+
+### DEBIAN
+
+Host alioth.debian.org | anonscm.alioth.debian.org | svn.debian.org | git.debian.org | hg.debian.org | cvs.debian.org
+  HostKeyAlias moszumanska.debian.org
+
+Host people.debian.org | people
+  Hostname people.debian.org
+  HostKeyAlias paradis.debian.org
 
-Host abel.debian.org | abel
-  Hostname abel.debian.org
-  User madduck
-Host agricola.debian.org | agricola
-  Hostname agricola.debian.org
-  User madduck
-Host albeniz.debian.org | albeniz
-  Hostname albeniz.debian.org
-  User madduck
-Host asdfasdf.debian.net | asdfasdf
-  Hostname asdfasdf.debian.net
-  User madduck
-Host busoni.debian.org | busoni
-  Hostname busoni.debian.org
-  User madduck
-Host cilea.debian.org | cilea
-  Hostname cilea.debian.org
-  User madduck
-Host duarte.debian.org | duarte
-  Hostname duarte.debian.org
-  User madduck
-Host dukas.debian.org | dukas
-  Hostname dukas.debian.org
-  User madduck
-Host glinka.debian.org | glinka
-  Hostname glinka.debian.org
-  User madduck
-Host grieg.debian.org | grieg
-  Hostname grieg.debian.org
-  User madduck
-Host io.debian.net | io
-  Hostname io.debian.net
-  User madduck
-Host lindberg.debian.org | lindberg
-  Hostname lindberg.debian.org
-  User madduck
 Host master.debian.org | master
   Hostname master.debian.org
+
+Match host *.debian.org
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
   User madduck
-Host merulo.debian.org | merulo
-  Hostname merulo.debian.org
-  User madduck
-Host nono.debian.org | nono
-  Hostname nono.debian.org
-  User madduck
-Host paer.debian.org | paer
-  Hostname paer.debian.org
-  User madduck
-Host paganini.debian.org | paganini
-  Hostname paganini.debian.org
-  User madduck
-Host pergolesi.debian.org | pergolesi
-  Hostname pergolesi.debian.org
-  User madduck
-Host pescetti.debian.org | pescetti
-  Hostname pescetti.debian.org
-  User madduck
-Host piatti.debian.org | piatti
-  Hostname piatti.debian.org
-  User madduck
-Host powell.debian.org | powell
-  Hostname powell.debian.org
-  User madduck
-Host quantz.debian.org | quantz
-  Hostname quantz.debian.org
-  User madduck
-Host ravel.debian.org | ravel
-  Hostname ravel.debian.org
-  User madduck
-Host respighi.debian.org | respighi
-  Hostname respighi.debian.org
-  User madduck
-Host ries.debian.org | ries
-  Hostname ries.debian.org
-  User madduck
-Host rore.debian.org | rore
-  Hostname rore.debian.org
-  User madduck
-Host samosa.debian.org | samosa
-  Hostname samosa.debian.org
-  User madduck
-Host senfl.debian.org | senfl
-  Hostname senfl.debian.org
-  User madduck
-Host sh4.g15.jp | sh4
-  Hostname sh4.g15.jp
-  User madduck
-Host smetana.debian.org | smetana
-  Hostname smetana.debian.org
-  User madduck
-Host sperger.debian.org | sperger
-  Hostname sperger.debian.org
-  User madduck
-Host stabile.debian.org | stabile
-  Hostname stabile.debian.org
-  User madduck
-Host strauss.debian.net | strauss
-  Hostname strauss.debian.net
-  User madduck
-Host sumotsu.debian.net | sumotsu
-  Hostname sumotsu.debian.net
-  User madduck
-Host tye.debian.org | tye
-  Hostname tye.debian.org
-  User madduck
-Host vasks.debian.org | vasks
-  Hostname vasks.debian.org
-  User madduck
-Host vivaldi.debian.org | vivaldi
-  Hostname vivaldi.debian.org
-  User madduck
-Host wagner.debian.org | wagner
-  Hostname wagner.debian.org
-  User madduck
-Host widor.debian.org | widor
-  Hostname widor.debian.org
+
+### DEBCONF
+
+Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org
+  Hostname nelson.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host itchy.debconf.org | itchy | wafer.debconf.org | wafer
+  Hostname itchy.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host kent.debconf.org | kent
+  Hostname kent.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+### PENNY
+
+Host lion.mjollnir.org | lion | fog.mjollnir.org | fog
+  Hostname lion.mjollnir.org
+
+### TILDE CLUB
+
+Host remotes.club
+  Hostname remotes.club
+  Port 9022
   User madduck
-Host zelenka.debian.org | zelenka
-  Hostname zelenka.debian.org
+
+Host squiggle.city
+  Hostname squiggle.city
   User madduck
 
-Host people.debian.org
-  HostKeyAlias ravel.debian.org
+Host tilde.city
+  Hostname 001.tilde.city
   User madduck
 
-Host sergei.ifi.uzh.ch | sergei
-  Hostname sergei.ifi.uzh.ch
-  User krafft
-Host nikolai.ifi.uzh.ch | nikolai
-  Hostname nikolai.ifi.uzh.ch
-  User krafft
-Host franz.ifi.uzh.ch | franz
-  Hostname franz.ifi.uzh.ch
-  User krafft
+### NZ
 
-Host clegg-host | clegg-host.madduck.net | gratis2.opro.ch | opro
-  Hostname clegg-host.madduck.net
+Host workbuffer.org | nz
+  Hostname workbuffer.org
   User madduck
 
-Host arnold-host | arnold-host.madduck.net
-  Hostname arnold-host.madduck.net
-  User xen05
+### MISC
 
-Host skynet.skynet.ie | skynet.ie | skynet
-  Hostname skynet.skynet.ie
-  User madduck
+Host github.com | github
+  Hostname github.com
+  User git
+
+Host gitlab.com | gitlab
+  Hostname gitlab.com
+  User gitlab
+
+Host gitlab.debian.net | git.fosscommunity.in
+  Hostname gitlab.debian.net
+  User gitlab
+
+Host grimble.mtfk.de | grimble | mtfk | mtfk.ddns.net
+  Hostname grimble.mtfk.de
+  Port 22022
+
+### DEFAULTS
 
-Host aika.krafftwerk.de | aika
-  Hostname aika.krafftwerk.de
+Match host *.madduck.net
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
 
 Host *
-# AddressFamily any
-# BatchMode no
-# CheckHostIP yes
-  Cipher blowfish
-# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
-# ClearAllForwardings no
-# Compression no
-# CompressionLevel 6
-# ConnectionAttempts 1
+  IgnoreUnknown *
   ConnectTimeout 10
   ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r
   ControlMaster auto
-  ControlPersist 5
-## DSAAuthentication no
-# DynamicForward off
-# EnableSSHKeysign no
-# EscapeChar ~
+  ControlPersist 30
   ExitOnForwardFailure yes
   ForwardAgent no
-  ForwardX11 no
-# ForwardX11Trusted yes
-# GatewayPorts no
-# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
+  #ForwardX11 no
+  #ForwardX11Trusted no
   HashKnownHosts no
-# HostbasedAuthentication no
-  HostKeyAlgorithms ssh-rsa
-# IdentityFile ~/.ssh/identity
-  IdentityFile2 ~/.ssh/id_rsa
-  IPQoS lowdelay throughput
-# KbdInteractiveDevices pam
-# LocalCommand none
-# LocalForward none
-# LogLevel INFO
-  MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96
-# NoHostAuthenticationForLocalhost no
   NumberOfPasswordPrompts 2
   PasswordAuthentication yes
-# PermitLocalCommand no
-# Port 22
-# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
   Protocol 2
-# ProxyCommand
-# PubkeyAuthentication yes
-# RekeyLimit 1G-4G #depends on cipher
-# RemoteForward
-# RhostsRSAAuthentication no
-# RSAAuthentication no
-# ServerAliveCountMax 3
   ServerAliveInterval 45
-  SetupTimeOut 10
-# SmartcardDevice off
   StrictHostKeyChecking yes
-# TCPKeepAlive yes
-# Tunnel no
-# TunnelDevice any:any
-# UsePrivilegedPort no
-# UserKnownHostsFile ~/.ssh/known_hosts
-# VerifyHostKeyDNS no
+  #UpdateHostKeys no
+  VerifyHostKeyDNS ask
   VisualHostKey no
-# XAuthLocation /usr/X11R6/bin/xauth