]> git.madduck.net Git - etc/ssh.git/blobdiff - .ssh/config.in

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

do not autologin as root to virt hosts
[etc/ssh.git] / .ssh / config.in
index ecfd29183ce3ea5ed106c2a42ce642699a910481..bdc3ea254548b2704cb7c8d3f46727b7ec84e05a 100644 (file)
@@ -4,6 +4,10 @@ Host 127.0.0.1 | localhost
   ForwardX11Trusted yes
   NoHostAuthenticationForLocalhost yes
 
+Match host *.madduck.net
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
+
 ### CHARADE KVM HOST
 
 Host charade.madduck.net | charade
@@ -34,6 +38,26 @@ Host ambassador.madduck.net | ambassador
   ForwardAgent yes
   Hostname ambassador.madduck.net
 
+Host alan.madduck.net | alan
+  ForwardAgent yes
+  Hostname alan.madduck.net
+
+Host swan.madduck.net | swan
+  ForwardAgent yes
+  Hostname swan.madduck.net
+Host irc-host.madduck.net | irc-host
+  User madduck
+  HostKeyAlias swan.madduck.net
+  ConnectTimeout 60
+
+Host pulse.madduck.net | pulse
+  ForwardAgent yes
+  Hostname pulse.madduck.net
+
+Host seamus.madduck.net | seamus
+  ForwardAgent yes
+  Hostname seamus.madduck.net
+
 ### KHYBER KVM HOST
 
 Host khyber.madduck.net | khyber
@@ -44,6 +68,10 @@ Host khyber-vnc
   ControlPath none
   Hostname khyber.madduck.net
 
+Host bike.madduck.net | bike
+  ForwardAgent yes
+  Hostname bike.madduck.net
+
 Host lotus.madduck.net | lotus
   ForwardAgent yes
   Hostname lotus.madduck.net
@@ -86,12 +114,6 @@ Host ssh443.madduck.net | ssh443
 Host openvpn.madduck.net | openvpn
   HostKeyAlias sysyphus.madduck.net
 
-Host wots.madduck.net | wots
-  ForwardAgent yes
-  Hostname wots.madduck.net
-Host buildd.debian.madduck.net | buildd
-  HostKeyAlias wots.madduck.net
-
 ### UNI ZURICH MACHINES
 
 Host diamond.madduck.net | diamond
@@ -131,28 +153,23 @@ Host franz.ifi.uzh.ch | franz
   Hostname franz.ifi.uzh.ch
   User krafft
 
-### SWAN / BYTEMARK
+### PIPER / BYTEMARK
 
-Host swan-host | swan-host.madduck.net
-  Hostname swan-host.madduck.net
-  User krafft
+Host piper.madduck.net | piper
+  Hostname piper.madduck.net
 
-Host swan.madduck.net | swan
-  ForwardAgent yes
-  Hostname swan.madduck.net
+### CIRRUS / HETZNER
+
+Host cirrus.madduck.net | cirrus
+  Hostname cirrus.madduck.net
 
 ### ARNOLD / GPLHOST
 
 Host arnold.madduck.net | arnold
-  ForwardAgent yes
   Hostname arnold.madduck.net
 Host arnold-host | arnold-host.madduck.net
   Hostname arnold-host.madduck.net
   User xen05
-Host irc
-  User madduck
-  Hostname arnold.madduck.net
-  ConnectTimeout 60
 
 ### GERN
 
@@ -164,22 +181,17 @@ Host wall.gern.madduck.net | wall
 Host julia.gern.madduck.net | julia
   Hostname julia.gern.madduck.net
   ForwardAgent yes
-Host juliae
-  Hostname wall.gern.madduck.net
-  Port 22002
-  CheckHostIP no
-  ForwardAgent yes
   ForwardX11 yes
-  HostKeyAlias julia.gern.madduck.net
 
 Host git.gern.madduck.net | git.gern
   ForwardAgent yes
   HostKeyAlias julia.gern.madduck.net
-
-Host fishbowl.gern.madduck.net | fishbowl.gern
+Host annex.gern.madduck.net | annex.gern
   ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias fishbowl
+  HostKeyAlias julia.gern.madduck.net
+Host shared.gern.madduck.net | shared.gern
+  ForwardAgent yes
+  HostKeyAlias julia.gern.madduck.net
 
 Host pict.gern.madduck.net | pict
   Hostname pict.gern.madduck.net
@@ -243,13 +255,38 @@ Host atom.mtvic.madduck.net | atom.mtvic | atom
 
 ### ROAD WARRIORS
 
-Host fishbowl
+Host fishbowl.*
   CheckHostIP no
   ForwardAgent yes
   ForwardX11 yes
+  HostKeyAlias fishbowl
+
+Host fishbowl | fishbowl.rw.madduck.net
+  CheckHostIP no
+  ForwardAgent yes
+  ForwardX11 yes
+  HostKeyAlias fishbowl
+  ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{gern,lehel,rw}.madduck.net; eval fping -aAC1 -t100 $TRIES; eval fping6 -aAC1 -t100 $TRIES; wait) 2>&1 | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; nc -vq0 \${TARGETS%%%%,*} %p"
+
+### LOCAL VIRT HOSTS
+
+Host *.virt | 192.168.122.* | red | green | blue | yellow | black | white | orange | violet
+  CheckHostIP no
+  ForwardAgent yes
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+  ControlMaster no
+  CanonicalDomains virt
+  CanonicalizeHostname yes
+  CanonicalizeFallbackLocal no
+  CanonicalizeMaxDots 0
 
 ### DEBIAN
 
+Match host *.debian.org
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
+
 Host scm.alioth.debian.org
   HostKeyAlias moszumanska.debian.org
   User madduck
@@ -851,9 +888,13 @@ Host zemlinsky.debian.org | zemlinsky
   Hostname zemlinsky.debian.org
   User madduck
 
-Host nelson.debconf.org | penta.debconf.org | nelson | summit
+Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org
   Hostname nelson.debconf.org
-  ProxyCommand ssh people.debian.org nc -q0 %h %p
+  ProxyCommand ssh sysyphus.madduck.net nc -q0 %h %p
+
+Host kent.debconf.org | kent
+  Hostname kent.debconf.org
+  ProxyCommand ssh sysyphus.madduck.net nc -q0 %h %p
 
 ### PENNY
 
@@ -894,63 +935,21 @@ Host github.com | github
 ### DEFAULTS
 
 Host *
-# AddressFamily any
-# BatchMode no
-# CheckHostIP yes
-  Cipher blowfish
-# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
-# ClearAllForwardings no
-# Compression no
-# CompressionLevel 6
-# ConnectionAttempts 1
+  IgnoreUnknown *
   ConnectTimeout 10
   ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r
   ControlMaster auto
   ControlPersist 30
-## DSAAuthentication no
-# DynamicForward off
-# EnableSSHKeysign no
-# EscapeChar ~
   ExitOnForwardFailure yes
   ForwardAgent no
   ForwardX11 no
-# ForwardX11Trusted yes
-# GatewayPorts no
-# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
+  ForwardX11Trusted no
   HashKnownHosts no
-# HostbasedAuthentication no
-  HostKeyAlgorithms ssh-rsa
-# IdentityFile ~/.ssh/identity
-  IdentityFile2 ~/.ssh/id_rsa
-  IPQoS lowdelay throughput
-# KbdInteractiveDevices pam
-# LocalCommand none
-# LocalForward none
-# LogLevel INFO
-  MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96
-# NoHostAuthenticationForLocalhost no
   NumberOfPasswordPrompts 2
   PasswordAuthentication yes
-# PermitLocalCommand no
-# Port 22
-# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
   Protocol 2
-# ProxyCommand
-# PubkeyAuthentication yes
-# RekeyLimit 1G-4G #depends on cipher
-# RemoteForward
-# RhostsRSAAuthentication no
-# RSAAuthentication no
-# ServerAliveCountMax 3
   ServerAliveInterval 45
-  SetupTimeOut 10
-# SmartcardDevice off
   StrictHostKeyChecking yes
-# TCPKeepAlive yes
-# Tunnel no
-# TunnelDevice any:any
-# UsePrivilegedPort no
-# UserKnownHostsFile ~/.ssh/known_hosts
-# VerifyHostKeyDNS no
+  UpdateHostKeys ask
+  VerifyHostKeyDNS ask
   VisualHostKey no
-# XAuthLocation /usr/X11R6/bin/xauth