X-Git-Url: https://git.madduck.net/etc/ssh.git/blobdiff_plain/d49b1a5b7ecf9bb0121997748f43dabc0e2f971d..0466bdfd8ba7708d3b20bccddeeadff75212f39d:/.ssh/config.in diff --git a/.ssh/config.in b/.ssh/config.in index b417e4b..bdc3ea2 100644 --- a/.ssh/config.in +++ b/.ssh/config.in @@ -4,6 +4,10 @@ Host 127.0.0.1 | localhost ForwardX11Trusted yes NoHostAuthenticationForLocalhost yes +Match host *.madduck.net + StrictHostKeyChecking ask + VerifyHostKeyDNS ask + ### CHARADE KVM HOST Host charade.madduck.net | charade @@ -25,11 +29,35 @@ Host matilda.madduck.net | matilda Host vizier.madduck.net | vizier ForwardAgent yes Hostname vizier.madduck.net +Host admin.madduck.net | admin + Hostname admin.madduck.net + HostKeyAlias vizier.madduck.net + User git Host ambassador.madduck.net | ambassador ForwardAgent yes Hostname ambassador.madduck.net +Host alan.madduck.net | alan + ForwardAgent yes + Hostname alan.madduck.net + +Host swan.madduck.net | swan + ForwardAgent yes + Hostname swan.madduck.net +Host irc-host.madduck.net | irc-host + User madduck + HostKeyAlias swan.madduck.net + ConnectTimeout 60 + +Host pulse.madduck.net | pulse + ForwardAgent yes + Hostname pulse.madduck.net + +Host seamus.madduck.net | seamus + ForwardAgent yes + Hostname seamus.madduck.net + ### KHYBER KVM HOST Host khyber.madduck.net | khyber @@ -40,6 +68,10 @@ Host khyber-vnc ControlPath none Hostname khyber.madduck.net +Host bike.madduck.net | bike + ForwardAgent yes + Hostname bike.madduck.net + Host lotus.madduck.net | lotus ForwardAgent yes Hostname lotus.madduck.net @@ -82,12 +114,6 @@ Host ssh443.madduck.net | ssh443 Host openvpn.madduck.net | openvpn HostKeyAlias sysyphus.madduck.net -Host wots.madduck.net | wots - ForwardAgent yes - Hostname wots.madduck.net -Host buildd.debian.madduck.net | buildd - HostKeyAlias wots.madduck.net - ### UNI ZURICH MACHINES Host diamond.madduck.net | diamond @@ -127,27 +153,23 @@ Host franz.ifi.uzh.ch | franz Hostname franz.ifi.uzh.ch User krafft -### SWAN / BYTEMARK +### PIPER / BYTEMARK -Host swan-host | swan-host.madduck.net - Hostname swan-host.madduck.net - User krafft +Host piper.madduck.net | piper + Hostname piper.madduck.net + +### CIRRUS / HETZNER + +Host cirrus.madduck.net | cirrus + Hostname cirrus.madduck.net -Host swan.madduck.net | swan - ForwardAgent yes - Hostname swan.madduck.net ### ARNOLD / GPLHOST Host arnold.madduck.net | arnold - ForwardAgent yes Hostname arnold.madduck.net Host arnold-host | arnold-host.madduck.net Hostname arnold-host.madduck.net User xen05 -Host irc - User madduck - Hostname arnold.madduck.net - ConnectTimeout 60 ### GERN @@ -159,27 +181,17 @@ Host wall.gern.madduck.net | wall Host julia.gern.madduck.net | julia Hostname julia.gern.madduck.net ForwardAgent yes -Host juliae - Hostname wall.gern.madduck.net - Port 22002 - CheckHostIP no - ForwardAgent yes ForwardX11 yes - HostKeyAlias julia.gern.madduck.net Host git.gern.madduck.net | git.gern ForwardAgent yes HostKeyAlias julia.gern.madduck.net - -Host fishbowl.gern.madduck.net | fishbowl.gern +Host annex.gern.madduck.net | annex.gern ForwardAgent yes - ForwardX11 yes - HostKeyAlias fishbowl - -Host galaxy-s2.phones.gern | galaxy-s2 - Hostname galaxy-s2.phones.gern - HostKeyAlias galaxy-s2.phones.gern - User root + HostKeyAlias julia.gern.madduck.net +Host shared.gern.madduck.net | shared.gern + ForwardAgent yes + HostKeyAlias julia.gern.madduck.net Host pict.gern.madduck.net | pict Hostname pict.gern.madduck.net @@ -192,7 +204,7 @@ Host visitor*.gern.madduck.net | visitor*.gern | visitor* ### LEHEL -Host clegg.lehel.madduck.net | clegg +Host clegg.lehel.madduck.net | clegg.lehel | clegg CheckHostIP no ForwardAgent yes Hostname clegg.lehel.madduck.net @@ -202,18 +214,6 @@ Host albatross.lehel.madduck.net | albatross.lehel | albatross ForwardAgent yes ForwardX11 yes HostKeyAlias albatross.lehel -Host albatrosse - Hostname wall.lehel.madduck.net - Port 22032 - CheckHostIP no - ForwardAgent yes - ForwardX11 yes - HostKeyAlias albatross.lehel - -Host fishbowl.lehel.madduck.net | fishbowl.lehel - ForwardAgent yes - ForwardX11 yes - HostKeyAlias fishbowl ### GAUTING @@ -255,13 +255,38 @@ Host atom.mtvic.madduck.net | atom.mtvic | atom ### ROAD WARRIORS -Host fishbowl +Host fishbowl.* CheckHostIP no ForwardAgent yes ForwardX11 yes + HostKeyAlias fishbowl + +Host fishbowl | fishbowl.rw.madduck.net + CheckHostIP no + ForwardAgent yes + ForwardX11 yes + HostKeyAlias fishbowl + ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{gern,lehel,rw}.madduck.net; eval fping -aAC1 -t100 $TRIES; eval fping6 -aAC1 -t100 $TRIES; wait) 2>&1 | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; nc -vq0 \${TARGETS%%%%,*} %p" + +### LOCAL VIRT HOSTS + +Host *.virt | 192.168.122.* | red | green | blue | yellow | black | white | orange | violet + CheckHostIP no + ForwardAgent yes + StrictHostKeyChecking no + UserKnownHostsFile /dev/null + ControlMaster no + CanonicalDomains virt + CanonicalizeHostname yes + CanonicalizeFallbackLocal no + CanonicalizeMaxDots 0 ### DEBIAN +Match host *.debian.org + StrictHostKeyChecking ask + VerifyHostKeyDNS ask + Host scm.alioth.debian.org HostKeyAlias moszumanska.debian.org User madduck @@ -863,17 +888,38 @@ Host zemlinsky.debian.org | zemlinsky Hostname zemlinsky.debian.org User madduck -Host nelson.debconf.org | penta.debconf.org | nelson | summit +Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org Hostname nelson.debconf.org - ProxyCommand ssh people.debian.org nc -q0 %h %p + ProxyCommand ssh sysyphus.madduck.net nc -q0 %h %p + +Host kent.debconf.org | kent + Hostname kent.debconf.org + ProxyCommand ssh sysyphus.madduck.net nc -q0 %h %p + +### PENNY + +Host lion.mjollnir.org | lion | fog.mjollnir.org | fog + Hostname lion.mjollnir.org ### TILDE CLUB -Host remotes-club | remotes.club +Host remotes.club Hostname remotes.club Port 9022 User madduck +Host tilde.camp + Hostname tilde.camp + User madduck + +Host squiggle.city + Hostname squiggle.city + User madduck + +Host tilde.city + Hostname 001.tilde.city + User madduck + ### NZ Host workbuffer.org | nz @@ -889,63 +935,21 @@ Host github.com | github ### DEFAULTS Host * -# AddressFamily any -# BatchMode no -# CheckHostIP yes - Cipher blowfish -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr -# ClearAllForwardings no -# Compression no -# CompressionLevel 6 -# ConnectionAttempts 1 + IgnoreUnknown * ConnectTimeout 10 ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r ControlMaster auto ControlPersist 30 -## DSAAuthentication no -# DynamicForward off -# EnableSSHKeysign no -# EscapeChar ~ ExitOnForwardFailure yes ForwardAgent no ForwardX11 no -# ForwardX11Trusted yes -# GatewayPorts no -# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts + ForwardX11Trusted no HashKnownHosts no -# HostbasedAuthentication no - HostKeyAlgorithms ssh-rsa -# IdentityFile ~/.ssh/identity - IdentityFile2 ~/.ssh/id_rsa - IPQoS lowdelay throughput -# KbdInteractiveDevices pam -# LocalCommand none -# LocalForward none -# LogLevel INFO - MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96 -# NoHostAuthenticationForLocalhost no NumberOfPasswordPrompts 2 PasswordAuthentication yes -# PermitLocalCommand no -# Port 22 -# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password Protocol 2 -# ProxyCommand -# PubkeyAuthentication yes -# RekeyLimit 1G-4G #depends on cipher -# RemoteForward -# RhostsRSAAuthentication no -# RSAAuthentication no -# ServerAliveCountMax 3 ServerAliveInterval 45 - SetupTimeOut 10 -# SmartcardDevice off StrictHostKeyChecking yes -# TCPKeepAlive yes -# Tunnel no -# TunnelDevice any:any -# UsePrivilegedPort no -# UserKnownHostsFile ~/.ssh/known_hosts -# VerifyHostKeyDNS no + UpdateHostKeys ask + VerifyHostKeyDNS ask VisualHostKey no -# XAuthLocation /usr/X11R6/bin/xauth