X-Git-Url: https://git.madduck.net/etc/ssh.git/blobdiff_plain/de2f4f923ac0c3841f2f6c15c64433ca842e816b..60686b68838e619ff8bfd4646326d1ae3f309e35:/.ssh/config.in?ds=inline diff --git a/.ssh/config.in b/.ssh/config.in index dbc8336..3ea908e 100644 --- a/.ssh/config.in +++ b/.ssh/config.in @@ -4,281 +4,397 @@ Host 127.0.0.1 | localhost ForwardX11Trusted yes NoHostAuthenticationForLocalhost yes -Host pulse.madduck.net | pulse +### CHARADE KVM HOST + +Host charade.madduck.net | charade ForwardAgent yes - Hostname pulse.madduck.net -Host svn.madduck.net | svn + Hostname charade.madduck.net +Host charade-vnc + ControlMaster no + ControlPath none + Hostname charade.madduck.net + +Host emily.madduck.net | emily + ForwardAgent yes + Hostname emily.madduck.net + +Host matilda.madduck.net | matilda + ForwardAgent yes + Hostname matilda.madduck.net +Host irc-host.madduck.net | irc-host User madduck - HostKeyAlias pulse.madduck.net + HostKeyAlias matilda.madduck.net + ConnectTimeout 60 + +Host vizier.madduck.net | vizier + ForwardAgent yes + Hostname vizier.madduck.net +Host admin.madduck.net | admin + Hostname admin.madduck.net + HostKeyAlias vizier.madduck.net + User git + +Host ambassador.madduck.net | ambassador + ForwardAgent yes + Hostname ambassador.madduck.net + +Host alan.madduck.net | alan + ForwardAgent yes + Hostname alan.madduck.net Host git.madduck.net | git - User madduck - HostKeyAlias pulse.madduck.net -Host scratch.madduck.net | scratch - User madduck - HostKeyAlias pulse.madduck.net -Host debian.madduck.net | debian - User madduck - HostKeyAlias pulse.madduck.net + User git + HostKeyAlias alan.madduck.net + +Host swan.madduck.net | swan + ForwardAgent yes + Hostname swan.madduck.net + +Host pulse.madduck.net | pulse + ForwardAgent yes + Hostname pulse.madduck.net +Host seamus.madduck.net | seamus + ForwardAgent yes + Hostname seamus.madduck.net + +Host cymbaline.madduck.net | cymbaline + ForwardAgent yes + Hostname cymbaline.madduck.net + +### KHYBER KVM HOST + +Host khyber.madduck.net | khyber + ForwardAgent yes + Hostname khyber.madduck.net +Host khyber-vnc + ControlMaster no + ControlPath none + Hostname khyber.madduck.net + +Host bike.madduck.net | bike + ForwardAgent yes + Hostname bike.madduck.net + +Host lotus.madduck.net | lotus + ForwardAgent yes + Hostname lotus.madduck.net +Host martin-krafft.net + User madduck + HostKeyAlias lotus.madduck.net Host phd.martin-krafft.net User madduck - HostKeyAlias seamus.madduck.net + HostKeyAlias lotus.madduck.net Host madduck.net User madduck - HostKeyAlias seamus.madduck.net + HostKeyAlias lotus.madduck.net +Host domine.madduck.net | domine + ForwardAgent yes + Hostname domine.madduck.net +Host imap.madduck.net + HostKeyAlias domine.madduck.net + +Host sysyphus.madduck.net | sysyphus + ForwardAgent yes + Hostname sysyphus.madduck.net +Host ssh443.madduck.net | ssh443 + HostKeyAlias sysyphus.madduck.net + ForwardAgent yes + Port 443 +Host openvpn.madduck.net | openvpn + HostKeyAlias sysyphus.madduck.net + +### UNI ZURICH MACHINES + +Host diamond.madduck.net | diamond + ForwardAgent yes + Hostname diamond.madduck.net +Host debian.madduck.net | debian + HostKeyAlias diamond.madduck.net +Host scratch.madduck.net | scratch + User madduck + HostKeyAlias diamond.madduck.net Host tunes.madduck.net | tunes - HostKeyAlias bell.madduck.net + AddressFamily inet + ControlMaster no + Hostname tunes.madduck.net + HostKeyAlias diamond.madduck.net + IPQoS lowdelay af13 +Host flics.madduck.net | flics + AddressFamily inet + ControlMaster no + Hostname flics.madduck.net + HostKeyAlias diamond.madduck.net + IPQoS lowdelay af13 + +Host shelter.madduck.net | shelter + ForwardAgent yes + Hostname shelter.madduck.net +Host backup.madduck.net | backup + HostKeyAlias shelter.madduck.net -Host lapse.madduck.net | lapse.oerlikon.madduck.net | lapse +Host sergei.ifi.uzh.ch | sergei + Hostname sergei.ifi.uzh.ch + User krafft +Host nikolai.ifi.uzh.ch | nikolai + Hostname nikolai.ifi.uzh.ch + User krafft +Host franz.ifi.uzh.ch | franz + Hostname franz.ifi.uzh.ch + User krafft + +### PIPER / BYTEMARK + +Host piper.madduck.net | piper + Hostname piper.madduck.net + +### CIRRUS / HETZNER + +Host cirrus.madduck.net | cirrus + Hostname cirrus.madduck.net + +### ARNOLD / GPLHOST + +Host arnold.madduck.net | arnold + Hostname arnold.madduck.net +Host arnold-host | arnold-host.madduck.net + Hostname arnold-host.madduck.net + User xen05 + +### GERN + +Host wall.gern.madduck.net | wall CheckHostIP no + ForwardAgent yes + Hostname wall.gern.madduck.net + +Host julia.gern.madduck.net | julia + Hostname julia.gern.madduck.net + ForwardAgent yes + ForwardX11 yes + +Host julia-via-diamond + Hostname julia.gern.madduck.net + ProxyJump diamond.madduck.net + +Host git.gern.madduck.net | git.gern + ForwardAgent yes + HostKeyAlias julia.gern.madduck.net +Host annex.gern.madduck.net | annex.gern + ForwardAgent yes + HostKeyAlias julia.gern.madduck.net +Host shared.gern.madduck.net | shared.gern + ForwardAgent yes + HostKeyAlias julia.gern.madduck.net + +Host pict.gern.madduck.net | pict + Hostname pict.gern.madduck.net + ForwardAgent yes + ForwardX11 yes + +Host jugband.gern.madduck.net | jugband.gern | jugband + Hostname jugband.gern.madduck.net + ForwardX11 yes + ForwardAgent yes + HostKeyAlias jugband.gern + +Host visitor*.gern.madduck.net | visitor*.gern | visitor* + StrictHostKeyChecking no + UserKnownHostsFile /dev/null -Host wall.madduck.net | wall.oerlikon.madduck.net | oerlikon.no-up.org | wall +### LEHEL + +Host clegg.lehel.madduck.net | clegg.lehel | clegg CheckHostIP no + ForwardAgent yes + Hostname clegg.lehel.madduck.net + +Host albatross.lehel.madduck.net | albatross.lehel | albatross + Hostname albatross.lehel.madduck.net + ForwardAgent yes + ForwardX11 yes + HostKeyAlias albatross.lehel +Host albatross-luks + Hostname albatross.lehel.madduck.net + StrictHostKeyChecking no + UserKnownHostsFile /dev/null + User root + +Host albatross-via-diamond + Hostname albatross.lehel.madduck.net + ProxyJump diamond.madduck.net -Host embryo.madduck.net | embryo.gauting.madduck.net | gauting.no-ip.org | embryo +### GAUTING + +Host embryo.gauting.madduck.net | embryo CheckHostIP no + ForwardAgent yes + Hostname embryo.gauting.madduck.net + HostKeyAlias embryo.gauting.madduck.net -Host debian-community.org | bikeshed.debian-community.org | bikeshed - Hostname bikeshed.debian-community.org - User madduck - ForwardAgent no - ForwardX11 no +Host mother.gauting | mother | mother.gauting.madduck.net + Hostname mother.gauting + ForwardAgent yes + ForwardX11 yes +Host mothere + Hostname embryo.gauting.madduck.net + Port 22021 + CheckHostIP no + ForwardAgent yes + ForwardX11 yes + HostKeyAlias mother.gauting.madduck.net + +Host brick.gauting.madduck.net | brick + Hostname brick.gauting.madduck.net + ForwardAgent yes + ForwardX11 yes +Host bricke + Hostname embryo.gauting.madduck.net + Port 22222 + CheckHostIP no + ForwardAgent yes + ForwardX11 yes + HostKeyAlias brick.gauting.madduck.net + +### MOUNT VICTORIA + +Host atom.mtvic.madduck.net | atom.mtvic | atom + Hostname atom.mtvic.madduck.net + ForwardAgent yes + +Host atom-via-sysyphus + HostKeyAlias atom.mtvic.madduck.net + ProxyCommand ssh sysyphus.madduck.net nc -q0 localhost 22015 + +Host bell.mtvic.madduck.net | bell.mtvic | bell | chip + Hostname bell.mtvic.madduck.net + ForwardAgent yes + +### ROAD WARRIORS + +Host fishbowl.* + CheckHostIP no + ForwardAgent yes + ForwardX11 yes + HostKeyAlias fishbowl + +Host fishbowl | fishbowl.rw.madduck.net + CheckHostIP no + ForwardAgent yes + ForwardX11 yes + HostKeyAlias fishbowl + ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{gern,lehel,gauting,mtvic,rw}.madduck.net; eval fping -aAC1 -t500 $TRIES 2>&1 & eval fping6 -aAC1 -t500 $TRIES 2>&1; wait) | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; exec nc -vq0 \${TARGETS%%%%,*} %p" + +### LOCAL VIRT HOSTS + +Host wafer.virt + RemoteForward 25000 localhost:25 + ForwardX11 yes + +Host red | green | blue | yellow | black | white | orange | violet | wafer + CanonicalDomains virt + CanonicalizeHostname yes + CanonicalizeFallbackLocal no + CanonicalizeMaxDots 0 + VerifyHostKeyDNS no + CheckHostIP no + ForwardAgent yes + StrictHostKeyChecking no + UserKnownHostsFile /dev/null + +### DEBIAN + +Host alioth.debian.org | anonscm.alioth.debian.org | svn.debian.org | git.debian.org | hg.debian.org | cvs.debian.org + HostKeyAlias moszumanska.debian.org + +Host people.debian.org | people + Hostname people.debian.org + HostKeyAlias paradis.debian.org -Host alioth.debian.org | alioth - Hostname alioth.debian.org - User madduck -Host svn.debian.org - HostKeyAlias alioth.debian.org -Host git.debian.org - HostKeyAlias alioth.debian.org -Host hg.debian.org - HostKeyAlias alioth.debian.org - -Host vore.debian.org | vore - Hostname vore.debian.org - User madduck -Host malo.debian.org | malo - Hostname malo.debian.org - User madduck -Host paer.debian.org | paer - Hostname paer.debian.org - User madduck -Host crest.debian.org | crest - Hostname crest.debian.org - User madduck -Host saens.debian.org | saens - Hostname saens.debian.org - User madduck -Host spohr.debian.org | spohr - Hostname spohr.debian.org - User madduck -Host auric.debian.org | auric - Hostname auric.debian.org - User madduck -Host gluck.debian.org | gluck - Hostname gluck.debian.org - User madduck -Host elara.debian.org | elara - Hostname elara.debian.org - User madduck -Host sarti.debian.org | sarti - Hostname sarti.debian.org - User madduck -Host europa.debian.org | europa - Hostname europa.debian.org - User madduck -Host goedel.debian.org | goedel - Hostname goedel.debian.org - User madduck -Host casals.debian.org | casals - Hostname casals.debian.org - User madduck Host master.debian.org | master Hostname master.debian.org + +Match host *.debian.org + StrictHostKeyChecking ask + VerifyHostKeyDNS ask User madduck -Host bartok.debian.org | bartok - Hostname bartok.debian.org - User madduck -Host merulo.debian.org | merulo - Hostname merulo.debian.org - User madduck -Host merkel.debian.org | merkel - Hostname merkel.debian.org - User madduck -Host murphy.debian.org | murphy - Hostname murphy.debian.org - User madduck -Host escher.debian.org | escher - Hostname escher.debian.org - User madduck -Host raptor.debian.org | raptor - Hostname raptor.debian.org - User madduck -Host tartini.debian.org | tartini - Hostname tartini.debian.org - User madduck -Host raff.debian.org | raff - Hostname raff.debian.org - User madduck -Host klecker.debian.org | klecker - Hostname klecker.debian.org - User madduck -Host vaughan.debian.org | vaughan - Hostname vaughan.debian.org - User madduck -Host voltaire.debian.org | voltaire - Hostname voltaire.debian.org - User madduck -Host bruckner.debian.org | bruckner - Hostname bruckner.debian.org - User madduck -Host kullervo.debian.org | kullervo - Hostname kullervo.debian.org - User madduck -Host kullervo.debian.org | kullervo - Hostname kullervo.debian.org - User madduck -Host samosa.debian.org | samosa - Hostname samosa.debian.org - User madduck -Host caballero.debian.org | caballero - Hostname caballero.debian.org - User madduck -Host pergolesi.debian.org | pergolesi - Hostname pergolesi.debian.org - User madduck -Host spontini.debian.org | spontini - Hostname spontini.debian.org - User madduck -Host mayr.debian.org | mayr - Hostname mayr.debian.org - User madduck -Host mayer.debian.org | mayer - Hostname mayer.debian.org - User madduck -Host agnesi.debian.org | agnesi - Hostname agnesi.debian.org - User madduck -Host puccini.debian.org | puccini - Hostname puccini.debian.org - User madduck -Host villa.debian.org | villa - Hostname villa.debian.org - User madduck -Host piatti.debian.org | piatti - Hostname piatti.debian.org - User madduck -Host peri.debian.org | peri - Hostname peri.debian.org - User madduck -Host lobos.debian.org | lobos - Hostname lobos.debian.org - User madduck -Host verdi.debian.org | verdi - Hostname verdi.debian.org - User madduck -Host ries.debian.org | ries - Hostname ries.debian.org - User madduck -Host goetz.debian.org | goetz - Hostname goetz.debian.org - User madduck -Host rietz.debian.org | rietz - Hostname rietz.debian.org - User madduck -Host steffani.debian.org | steffani - Hostname steffani.debian.org - User madduck -Host lebrun.debian.org | lebrun - Hostname lebrun.debian.org - User madduck -Host liszt.debian.org | liszt - Hostname liszt.debian.org - User madduck -Host mundy.debian.org | mundy - Hostname mundy.debian.org - User madduck -Host albeniz.debian.org | albeniz - Hostname albeniz.debian.org - User madduck -Host sperger.debian.org | sperger - Hostname sperger.debian.org - User madduck -Host kassia.debian.org | kassia - Hostname kassia.debian.org - User madduck -Host agricola.debian.org | agricola - Hostname agricola.debian.org - User madduck -Host arcadelt.debian.org | arcadelt - Hostname arcadelt.debian.org - User madduck -Host penalosa.debian.org | penalosa - Hostname penalosa.debian.org + +### DEBCONF + +Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org + Hostname nelson.debconf.org + ProxyJump sysyphus.madduck.net + +Host itchy.debconf.org | itchy | wafer.debconf.org | wafer + Hostname itchy.debconf.org + ProxyJump sysyphus.madduck.net + +Host kent.debconf.org | kent + Hostname kent.debconf.org + ProxyJump sysyphus.madduck.net + +### PENNY + +Host lion.mjollnir.org | lion | fog.mjollnir.org | fog + Hostname lion.mjollnir.org + +### TILDE CLUB + +Host remotes.club + Hostname remotes.club + Port 9022 User madduck -Host argento.debian.org | argento - Hostname argento.debian.org + +Host squiggle.city + Hostname squiggle.city User madduck -Host allegri.debian.org | allegri - Hostname allegri.debian.org + +### NZ + +Host workbuffer.org | nz + Hostname workbuffer.org User madduck +### MISC + +Host github.com | github + Hostname github.com + User git + +Host gitlab.com | gitlab + Hostname gitlab.com + User gitlab + +Host gitlab.debian.net | git.fosscommunity.in + Hostname gitlab.debian.net + User gitlab + +Host grimble.mtfk.de | grimble | mtfk | mtfk.ddns.net + Hostname grimble.mtfk.de + Port 22022 + +### DEFAULTS + +Match host *.madduck.net + StrictHostKeyChecking ask + VerifyHostKeyDNS ask + Host * -# AddressFamily any -# BatchMode no -# CheckHostIP yes - Cipher blowfish -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr -# ClearAllForwardings no -# Compression no -# CompressionLevel 6 -# ConnectionAttempts 1 + IgnoreUnknown * ConnectTimeout 10 ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r ControlMaster auto -## DSAAuthentication no -# DynamicForward off -# EnableSSHKeysign no -# EscapeChar ~ + ControlPersist 30 ExitOnForwardFailure yes ForwardAgent no - ForwardX11 no -# ForwardX11Trusted yes -# GatewayPorts no -# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts + #ForwardX11 no + #ForwardX11Trusted no HashKnownHosts no -# HostbasedAuthentication no - HostKeyAlgorithms ssh-rsa -# IdentityFile ~/.ssh/identity - IdentityFile2 ~/.ssh/id_rsa -# KbdInteractiveDevices pam -# LocalCommand none -# LocalForward none -# LogLevel INFO - MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96 -# NoHostAuthenticationForLocalhost no NumberOfPasswordPrompts 2 PasswordAuthentication yes -# PermitLocalCommand no -# Port 22 -# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password Protocol 2 -# ProxyCommand -# PubkeyAuthentication yes -# RekeyLimit 1G-4G #depends on cipher -# RemoteForward -# RhostsRSAAuthentication no -# RSAAuthentication no -# ServerAliveCountMax 3 -# ServerAliveInterval 45 - SetupTimeOut 10 -# SmartcardDevice off + ServerAliveInterval 45 StrictHostKeyChecking yes -# TCPKeepAlive yes -# Tunnel no -# TunnelDevice any:any -# UsePrivilegedPort no -# UserKnownHostsFile ~/.ssh/known_hosts -# VerifyHostKeyDNS no -# XAuthLocation /usr/X11R6/bin/xauth + #UpdateHostKeys no + VerifyHostKeyDNS ask + VisualHostKey no