]> git.madduck.net Git - etc/ssh.git/blobdiff - .ssh/config.in

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

albatross jumphost now clegg.dyndns
[etc/ssh.git] / .ssh / config.in
index da5eb8208a98737ea1df65c996ac92b29eaf4db6..a62c746ec57c23e14746782e8b492a8d1a9354a9 100644 (file)
@@ -14,78 +14,74 @@ Host charade-vnc
   ControlPath none
   Hostname charade.madduck.net
 
+Host emily.madduck.net | emily
+  ForwardAgent yes
+  Hostname emily.madduck.net
+
 Host matilda.madduck.net | matilda
   ForwardAgent yes
   Hostname matilda.madduck.net
+Host irc-host.madduck.net | irc-host
+  User madduck
+  HostKeyAlias matilda.madduck.net
+  ConnectTimeout 60
 
 Host vizier.madduck.net | vizier
   ForwardAgent yes
   Hostname vizier.madduck.net
+Host admin.madduck.net | admin
+  Hostname admin.madduck.net
+  HostKeyAlias vizier.madduck.net
+  User git
 
-### KHYBER KVM HOST
-
-Host khyber.madduck.net | khyber
+Host ambassador.madduck.net | ambassador
   ForwardAgent yes
-  Hostname khyber.madduck.net
-Host khyber-vnc
-  ControlMaster no
-  ControlPath none
-  Hostname khyber.madduck.net
+  Hostname ambassador.madduck.net
 
-Host lotus.madduck.net | lotus
+Host alan.madduck.net | alan
   ForwardAgent yes
-  Hostname lotus.madduck.net
+  Hostname alan.madduck.net
 Host git.madduck.net | git
   User git
-  HostKeyAlias lotus.madduck.net
-Host git.debian.ch
-  User git
-  HostKeyAlias lotus.madduck.net
-Host martin-krafft.net
-  User madduck
-  HostKeyAlias lotus.madduck.net
-Host phd.martin-krafft.net
-  User madduck
-  HostKeyAlias lotus.madduck.net
-Host madduck.net
-  User madduck
-  HostKeyAlias lotus.madduck.net
+  HostKeyAlias alan.madduck.net
 
-Host jugband.madduck.net | jugband
+Host swan.madduck.net | swan
   ForwardAgent yes
-  Hostname jugband.madduck.net
+  Hostname swan.madduck.net
 
-Host domine.madduck.net | domine
+Host pulse.madduck.net | pulse
   ForwardAgent yes
-  Hostname domine.madduck.net
-Host irc
-  User madduck
-  Hostname domine.madduck.net
-  ConnectTimeout 60
-Host imap.madduck.net
-  HostKeyAlias domine.madduck.net
+  Hostname pulse.madduck.net
 
-Host aika.krafftwerk.de | aika
-  Hostname aika.krafftwerk.de
+Host vera.madduck.net | vera
+  ForwardAgent yes
+  Hostname vera.madduck.net
 
-Host sysyphus.madduck.net | sysyphus
+Host seamus.madduck.net | seamus
   ForwardAgent yes
-  Hostname sysyphus.madduck.net
-Host ssh443.madduck.net | ssh443
-  HostKeyAlias sysyphus.madduck.net
+  Hostname seamus.madduck.net
+
+Host cymbaline.madduck.net | cymbaline
   ForwardAgent yes
-  Port 443
-Host openvpn.madduck.net | openvpn
-  HostKeyAlias sysyphus.madduck.net
+  Hostname cymbaline.madduck.net
 
-Host wots.madduck.net | wots
+Host lunatic.madduck.net | lunatic
   ForwardAgent yes
-  Hostname wots.madduck.net
-Host buildd.debian.madduck.net | buildd
-  HostKeyAlias wots.madduck.net
+  Hostname lunatic.madduck.net
 
 ### UNI ZURICH MACHINES
 
+Host gig.madduck.net | gig
+  ForwardAgent yes
+  Hostname gig.madduck.net
+
+Host eugene.madduck.net | eugene
+  ForwardAgent yes
+  Hostname eugene.madduck.net
+Host eugene-luks
+  Hostname eugene.madduck.net
+  User root
+
 Host diamond.madduck.net | diamond
   ForwardAgent yes
   Hostname diamond.madduck.net
@@ -113,72 +109,19 @@ Host shelter.madduck.net | shelter
 Host backup.madduck.net | backup
   HostKeyAlias shelter.madduck.net
 
-Host sergei.ifi.uzh.ch | sergei
-  Hostname sergei.ifi.uzh.ch
-  User krafft
-Host nikolai.ifi.uzh.ch | nikolai
-  Hostname nikolai.ifi.uzh.ch
-  User krafft
-Host franz.ifi.uzh.ch | franz
-  Hostname franz.ifi.uzh.ch
-  User krafft
-
-### SWAN / BYTEMARK
-
-Host swan-host | swan-host.madduck.net
-  Hostname swan-host.madduck.net
-  User krafft
-
-Host swan.madduck.net | swan
-  ForwardAgent yes
-  Hostname swan.madduck.net
+### PIPER / BYTEMARK
 
-### ARNOLD / GPLHOST
+Host piper.madduck.net | piper
+  Hostname piper.madduck.net
 
-Host arnold-host | arnold-host.madduck.net
-  Hostname arnold-host.madduck.net
-  User xen05
+### CIRRUS / HETZNER
 
-### GERN
-
-Host wall.gern.madduck.net | wall
-  CheckHostIP no
-  ForwardAgent yes
-  Hostname wall.gern.madduck.net
-
-Host julia.gern.madduck.net | julia
-  Hostname julia.gern.madduck.net
-  ForwardAgent yes
-Host juliae
-  Hostname wall.gern.madduck.net
-  Port 22002
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias julia.gern.madduck.net
-
-Host fishbowl.gern.madduck.net | fishbowl.gern
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias fishbowl.gern
-
-Host galaxy-s2.phones.gern | galaxy-s2
-  Hostname galaxy-s2.phones.gern
-  HostKeyAlias galaxy-s2.phones.gern
-  User root
-
-Host pict.gern.madduck.net | pict
-  Hostname pict.gern.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-
-Host visitor*.gern.madduck.net | visitor*.gern | visitor*
-  StrictHostKeyChecking no
-  UserKnownHostsFile /dev/null
+Host cirrus.madduck.net | cirrus
+  Hostname cirrus.madduck.net
 
 ### LEHEL
 
-Host clegg.lehel.madduck.net | clegg
+Host clegg.lehel.madduck.net | clegg.lehel | clegg
   CheckHostIP no
   ForwardAgent yes
   Hostname clegg.lehel.madduck.net
@@ -188,18 +131,19 @@ Host albatross.lehel.madduck.net | albatross.lehel | albatross
   ForwardAgent yes
   ForwardX11 yes
   HostKeyAlias albatross.lehel
-Host albatrosse
-  Hostname wall.lehel.madduck.net
-  Port 22032
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias albatross.lehel
+Host albatross-luks
+  Hostname albatross.lehel.madduck.net
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+  User root
 
-Host fishbowl.lehel.madduck.net | fishbowl.lehel
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias fishbowl.lehel
+Host albatross-via-clegg
+  Hostname albatross.lehel.madduck.net
+  ProxyJump clegg.dyndns.madduck.net
+
+Host visitor*.lehel.madduck.net | visitor*.lehel
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
 
 ### GAUTING
 
@@ -221,17 +165,9 @@ Host mothere
   ForwardX11 yes
   HostKeyAlias mother.gauting.madduck.net
 
-Host brick.gauting.madduck.net | brick
-  Hostname brick.gauting.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-Host bricke
-  Hostname embryo.gauting.madduck.net
-  Port 22222
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias brick.gauting.madduck.net
+Host visitor*.lehel.madduck.net | visitor*.lehel
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
 
 ### MOUNT VICTORIA
 
@@ -239,155 +175,93 @@ Host atom.mtvic.madduck.net | atom.mtvic | atom
   Hostname atom.mtvic.madduck.net
   ForwardAgent yes
 
+Host atom-via-sysyphus
+  HostKeyAlias atom.mtvic.madduck.net
+  ProxyCommand ssh sysyphus.madduck.net nc -q0 localhost 22015
+
+Host bell.mtvic.madduck.net | bell.mtvic | bell | chip
+  Hostname bell.mtvic.madduck.net
+  ForwardAgent yes
+
 ### ROAD WARRIORS
 
-Host fishbowl
+Host fishbowl.*
   CheckHostIP no
   ForwardAgent yes
   ForwardX11 yes
+  HostKeyAlias fishbowl
+
+Host fishbowl | fishbowl.rw.madduck.net
+  CheckHostIP no
+  ForwardAgent yes
+  ForwardX11 yes
+  HostKeyAlias fishbowl
+  ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{gern,lehel,gauting,mtvic,rw}.madduck.net; eval fping -aAC1 -t500 $TRIES 2>&1 & eval fping6 -aAC1 -t500 $TRIES 2>&1; wait) | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; exec nc -vq0 \${TARGETS%%%%,*} %p"
+
+### PHONES
+
+Host sgs7e | sgs7e.phones.*
+  Port 2222
+  User admin
+  HostName sgs7e.phones
+
+### LOCAL VIRT HOSTS
+
+Host wafer.virt
+  RemoteForward 25000 localhost:25
+  ForwardX11 yes
+
+Host red | green | blue | yellow | black | white | orange | violet | wafer
+  CanonicalDomains virt
+  CanonicalizeHostname yes
+  CanonicalizeFallbackLocal no
+  CanonicalizeMaxDots 0
+  VerifyHostKeyDNS no
+  CheckHostIP no
+  ForwardAgent yes
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
 
 ### DEBIAN
 
-Host scm.alioth.debian.org
+Host alioth.debian.org | anonscm.alioth.debian.org | svn.debian.org | git.debian.org | hg.debian.org | cvs.debian.org
   HostKeyAlias moszumanska.debian.org
-  User madduck
-Host svn.debian.org
-  HostKeyAlias moszumanska.debian.org
-  User madduck
-Host git.debian.org
-  HostKeyAlias moszumanska.debian.org
-  User madduck
-Host hg.debian.org
-  HostKeyAlias moszumanska.debian.org
-  User madduck
-Host cvs.debian.org
-  HostKeyAlias moszumanska.debian.org
-  User madduck
 
 Host people.debian.org | people
   Hostname people.debian.org
   HostKeyAlias paradis.debian.org
-  User madduck
 
-Host abel.debian.org | abel
-  Hostname abel.debian.org
-  User madduck
-Host agricola.debian.org | agricola
-  Hostname agricola.debian.org
-  User madduck
-Host albeniz.debian.org | albeniz
-  Hostname albeniz.debian.org
-  User madduck
-Host asdfasdf.debian.net | asdfasdf
-  Hostname asdfasdf.debian.net
-  User madduck
-Host busoni.debian.org | busoni
-  Hostname busoni.debian.org
-  User madduck
-Host cilea.debian.org | cilea
-  Hostname cilea.debian.org
-  User madduck
-Host duarte.debian.org | duarte
-  Hostname duarte.debian.org
-  User madduck
-Host dukas.debian.org | dukas
-  Hostname dukas.debian.org
-  User madduck
-Host glinka.debian.org | glinka
-  Hostname glinka.debian.org
-  User madduck
-Host grieg.debian.org | grieg
-  Hostname grieg.debian.org
-  User madduck
-Host io.debian.net | io
-  Hostname io.debian.net
-  User madduck
-Host lindberg.debian.org | lindberg
-  Hostname lindberg.debian.org
-  User madduck
 Host master.debian.org | master
   Hostname master.debian.org
+
+Match host *.debian.org
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
   User madduck
-Host merulo.debian.org | merulo
-  Hostname merulo.debian.org
-  User madduck
-Host nono.debian.org | nono
-  Hostname nono.debian.org
-  User madduck
-Host paer.debian.org | paer
-  Hostname paer.debian.org
-  User madduck
-Host paganini.debian.org | paganini
-  Hostname paganini.debian.org
-  User madduck
-Host pergolesi.debian.org | pergolesi
-  Hostname pergolesi.debian.org
-  User madduck
-Host pescetti.debian.org | pescetti
-  Hostname pescetti.debian.org
-  User madduck
-Host piatti.debian.org | piatti
-  Hostname piatti.debian.org
-  User madduck
-Host powell.debian.org | powell
-  Hostname powell.debian.org
-  User madduck
-Host quantz.debian.org | quantz
-  Hostname quantz.debian.org
-  User madduck
-Host ravel.debian.org | ravel
-  Hostname ravel.debian.org
-  User madduck
-Host respighi.debian.org | respighi
-  Hostname respighi.debian.org
-  User madduck
-Host ries.debian.org | ries
-  Hostname ries.debian.org
-  User madduck
-Host rore.debian.org | rore
-  Hostname rore.debian.org
-  User madduck
-Host samosa.debian.org | samosa
-  Hostname samosa.debian.org
-  User madduck
-Host senfl.debian.org | senfl
-  Hostname senfl.debian.org
-  User madduck
-Host sh4.g15.jp | sh4
-  Hostname sh4.g15.jp
-  User madduck
-Host smetana.debian.org | smetana
-  Hostname smetana.debian.org
-  User madduck
-Host sperger.debian.org | sperger
-  Hostname sperger.debian.org
-  User madduck
-Host stabile.debian.org | stabile
-  Hostname stabile.debian.org
-  User madduck
-Host strauss.debian.net | strauss
-  Hostname strauss.debian.net
-  User madduck
-Host sumotsu.debian.net | sumotsu
-  Hostname sumotsu.debian.net
-  User madduck
-Host tye.debian.org | tye
-  Hostname tye.debian.org
-  User madduck
-Host vasks.debian.org | vasks
-  Hostname vasks.debian.org
-  User madduck
-Host vivaldi.debian.org | vivaldi
-  Hostname vivaldi.debian.org
-  User madduck
-Host wagner.debian.org | wagner
-  Hostname wagner.debian.org
-  User madduck
-Host widor.debian.org | widor
-  Hostname widor.debian.org
+
+### DEBCONF
+
+Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org
+  Hostname nelson.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host itchy.debconf.org | itchy | wafer.debconf.org | wafer
+  Hostname itchy.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host kent.debconf.org | kent
+  Hostname kent.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+### TILDE CLUB
+
+Host remotes.club
+  Hostname remotes.club
+  Port 9022
   User madduck
-Host zelenka.debian.org | zelenka
-  Hostname zelenka.debian.org
+
+Host squiggle.city
+  Hostname squiggle.city
   User madduck
 
 ### NZ
@@ -402,66 +276,44 @@ Host github.com | github
   Hostname github.com
   User git
 
+Host gitlab.com | gitlab
+  Hostname gitlab.com
+  User gitlab
+
+Host gitlab.debian.net | git.fosscommunity.in
+  Hostname gitlab.debian.net
+  User gitlab
+
+Host grimble.mtfk.de | grimble | mtfk
+  CheckHostIP no
+  Hostname grimble.mtfk.de
+
+Host lion.mjollnir.org | lion
+  Hostname lion.mjollnir.org
+  User madduck
+
 ### DEFAULTS
 
+Match host *.madduck.net
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
+
 Host *
-# AddressFamily any
-# BatchMode no
-# CheckHostIP yes
-  Cipher blowfish
-# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
-# ClearAllForwardings no
-# Compression no
-# CompressionLevel 6
-# ConnectionAttempts 1
+  IgnoreUnknown *
   ConnectTimeout 10
   ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r
   ControlMaster auto
-  ControlPersist 5
-## DSAAuthentication no
-# DynamicForward off
-# EnableSSHKeysign no
-# EscapeChar ~
+  ControlPersist 30
   ExitOnForwardFailure yes
   ForwardAgent no
-  ForwardX11 no
-# ForwardX11Trusted yes
-# GatewayPorts no
-# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
+  #ForwardX11 no
+  #ForwardX11Trusted no
   HashKnownHosts no
-# HostbasedAuthentication no
-  HostKeyAlgorithms ssh-rsa
-# IdentityFile ~/.ssh/identity
-  IdentityFile2 ~/.ssh/id_rsa
-  IPQoS lowdelay throughput
-# KbdInteractiveDevices pam
-# LocalCommand none
-# LocalForward none
-# LogLevel INFO
-  MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96
-# NoHostAuthenticationForLocalhost no
   NumberOfPasswordPrompts 2
   PasswordAuthentication yes
-# PermitLocalCommand no
-# Port 22
-# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
   Protocol 2
-# ProxyCommand
-# PubkeyAuthentication yes
-# RekeyLimit 1G-4G #depends on cipher
-# RemoteForward
-# RhostsRSAAuthentication no
-# RSAAuthentication no
-# ServerAliveCountMax 3
   ServerAliveInterval 45
-  SetupTimeOut 10
-# SmartcardDevice off
   StrictHostKeyChecking yes
-# TCPKeepAlive yes
-# Tunnel no
-# TunnelDevice any:any
-# UsePrivilegedPort no
-# UserKnownHostsFile ~/.ssh/known_hosts
-# VerifyHostKeyDNS no
+  #UpdateHostKeys no
+  VerifyHostKeyDNS ask
   VisualHostKey no
-# XAuthLocation /usr/X11R6/bin/xauth