]> git.madduck.net Git - etc/ssh.git/blobdiff - .ssh/config.in

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

projects / etc / ssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
do not autologin as root to virt hosts
[etc/ssh.git] / .ssh / config.in
diff --git a/.ssh/config.in b/.ssh/config.in
index f4906a19d55a77e5b798db84815a25bc6b33c899..bdc3ea254548b2704cb7c8d3f46727b7ec84e05a 100644 (file)
--- a/.ssh/config.in
+++ b/.ssh/config.in
@@ -4,6 +4,10 @@ Host 127.0.0.1 | localhost
   ForwardX11Trusted yes
   NoHostAuthenticationForLocalhost yes
 
+Match host *.madduck.net
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
+
 ### CHARADE KVM HOST
 
 Host charade.madduck.net | charade
@@ -50,6 +54,10 @@ Host pulse.madduck.net | pulse
   ForwardAgent yes
   Hostname pulse.madduck.net
 
+Host seamus.madduck.net | seamus
+  ForwardAgent yes
+  Hostname seamus.madduck.net
+
 ### KHYBER KVM HOST
 
 Host khyber.madduck.net | khyber
@@ -150,6 +158,11 @@ Host franz.ifi.uzh.ch | franz
 Host piper.madduck.net | piper
   Hostname piper.madduck.net
 
+### CIRRUS / HETZNER
+
+Host cirrus.madduck.net | cirrus
+  Hostname cirrus.madduck.net
+
 ### ARNOLD / GPLHOST
 
 Host arnold.madduck.net | arnold
@@ -263,7 +276,6 @@ Host *.virt | 192.168.122.* | red | green | blue | yellow | black | white | oran
   StrictHostKeyChecking no
   UserKnownHostsFile /dev/null
   ControlMaster no
-  User root
   CanonicalDomains virt
   CanonicalizeHostname yes
   CanonicalizeFallbackLocal no
@@ -271,6 +283,10 @@ Host *.virt | 192.168.122.* | red | green | blue | yellow | black | white | oran
 
 ### DEBIAN
 
+Match host *.debian.org
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
+
 Host scm.alioth.debian.org
   HostKeyAlias moszumanska.debian.org
   User madduck
@@ -919,63 +935,21 @@ Host github.com | github
 ### DEFAULTS
 
 Host *
-# AddressFamily any
-# BatchMode no
-# CheckHostIP yes
-  Cipher blowfish
-# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
-# ClearAllForwardings no
-# Compression no
-# CompressionLevel 6
-# ConnectionAttempts 1
+  IgnoreUnknown *
   ConnectTimeout 10
   ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r
   ControlMaster auto
   ControlPersist 30
-## DSAAuthentication no
-# DynamicForward off
-# EnableSSHKeysign no
-# EscapeChar ~
   ExitOnForwardFailure yes
   ForwardAgent no
   ForwardX11 no
-# ForwardX11Trusted yes
-# GatewayPorts no
-# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
+  ForwardX11Trusted no
   HashKnownHosts no
-# HostbasedAuthentication no
-  HostKeyAlgorithms ssh-rsa
-# IdentityFile ~/.ssh/identity
-  IdentityFile2 ~/.ssh/id_rsa
-  IPQoS lowdelay throughput
-# KbdInteractiveDevices pam
-# LocalCommand none
-# LocalForward none
-# LogLevel INFO
-  MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96
-# NoHostAuthenticationForLocalhost no
   NumberOfPasswordPrompts 2
   PasswordAuthentication yes
-# PermitLocalCommand no
-# Port 22
-# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
   Protocol 2
-# ProxyCommand
-# PubkeyAuthentication yes
-# RekeyLimit 1G-4G #depends on cipher
-# RemoteForward
-# RhostsRSAAuthentication no
-# RSAAuthentication no
-# ServerAliveCountMax 3
   ServerAliveInterval 45
-  SetupTimeOut 10
-# SmartcardDevice off
   StrictHostKeyChecking yes
-# TCPKeepAlive yes
-# Tunnel no
-# TunnelDevice any:any
-# UsePrivilegedPort no
-# UserKnownHostsFile ~/.ssh/known_hosts
-# VerifyHostKeyDNS no
+  UpdateHostKeys ask
+  VerifyHostKeyDNS ask
   VisualHostKey no
-# XAuthLocation /usr/X11R6/bin/xauth
OpenSSH configuration

Legalese

All content available in this repository is copyright © martin f. krafft, unless otherwise noted.

All files and their content are released under the terms of the Artistic Licence 2.0, unless otherwise noted.

The operator of this repository shall not be held liable for offending content in pages linking to or linked from these page, nor does he endorse their content unless stated otherwise.