]> git.madduck.net Git - etc/ssh.git/blobdiff - .ssh/Makefile

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

forward agent to albatross and paperless
[etc/ssh.git] / .ssh / Makefile
index 6e83244e7090057c9c76bfd5b878278b7356db24..2ba6e4a9d0c9bffea14824251bf8be85cf55e84c 100644 (file)
@@ -1,16 +1,78 @@
-all: known_hosts authorized_keys
+all: known_hosts authorized_keys config
+       @chmod -R og= .
 .PHONY: all
 
 known_hosts: $(wildcard known_hosts.d/*)
        touch $@
        for f in $^; do \
 .PHONY: all
 
 known_hosts: $(wildcard known_hosts.d/*)
        touch $@
        for f in $^; do \
-         echo "# from $$f:"; \
+         echo "### from $$f:"; \
          cat $$f; \
          cat $$f; \
-       done >> $@
+         echo; \
+       done > $@
 
 authorized_keys: $(wildcard authorized_keys.d/*)
        touch $@
        for f in $^; do \
 
 authorized_keys: $(wildcard authorized_keys.d/*)
        touch $@
        for f in $^; do \
-         echo "# from $$f:"; \
+         echo "### from $$f:"; \
          cat $$f; \
          cat $$f; \
-       done >> $@
+         echo; \
+       done > $@
+
+ifeq ($(strip $(wildcard config.local)),)
+LOCAL_CONFIG=/dev/null
+else
+LOCAL_CONFIG=config.local
+endif
+
+SSH_VERSION = $(shell ssh -V 2>&1)
+config: $(LOCAL_CONFIG) config.in
+       cat $^ > $@
+       case "$(SSH_VERSION)" in \
+         (OpenSSH_7.[12]*) \
+                   sed -ri -e 's,ProxyJump ([-.[:alnum:]]+),ProxyCommand ssh \1 nc -q0 %h %p,' $@ \
+           ;; \
+         (OpenSSH_6.*) \
+           sed -ri -e 's,^.+\bCanonical.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bIgnoreUnknown\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bUpdateHostKeys\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^Match host ,Host ,' \
+                   $@; \
+                   sed -ri -e 's,ProxyJump ([-.[:alnum:]]+),ProxyCommand ssh \1 nc -q0 %h %p,' $@ \
+           ;; \
+         (OpenSSH_5.*) \
+           sed -ri -e 's,^.+\bControlPersist\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bIPQoS\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bCanonical.+$$,##UNSUPPORTED##&,' \
+                   $@ \
+           ;; \
+         (OpenSSH_4.7*) \
+           sed -ri -e 's,^.+\bVisualHostKey\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bControlPersist\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bIPQoS\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bCanonical.+$$,##UNSUPPORTED##&,' \
+                   $@ \
+           ;; \
+         (OpenSSH_4.3*) \
+           sed -ri -e 's,^.+\bExitOnForwardFailure\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bMACs\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^(.+ControlPath ~/.var/ssh/ssh_control_)%l_(.+),\1\2,' \
+                   -e 's,^.+\bVisualHostKey\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bControlPersist\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bIPQoS\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bCanonical.+$$,##UNSUPPORTED##&,' \
+                   $@ \
+           ;; \
+         (3.9*) \
+           sed -ri -e 's,^.+\bExitOnForwardFailure\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bMACs\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bHashKnownHosts\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bControl(Master|Path|Persist)\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bIPQoS\b.+$$,##UNSUPPORTED##&,' \
+                   -e 's,^.+\bCanonical.+$$,##UNSUPPORTED##&,' \
+                   $@ \
+           ;; \
+       esac; \
+       case "$$HOSTNAME" in \
+         (fishbowl) \
+           sed -i -re '/^Host fishbowl/,/^[[:space:]]*ProxyCommand/s/ProxyCommand.*/Host localhost/' $@; \
+       esac