Mercurial > index.cgi > dotfiles

annotate .ssh/config @ 300:95129e7fb0ac

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Let's make that persist too
author Steve Huston <huston@srhuston.net>
date Mon, 14 Apr 2025 15:44:06 -0400
parents 283c6f6c64c5
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
1 # Host-specific things at the top, and get less specific as you go; first
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
2 # match wins
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
3
158
d8596a04bdb1 Updating floyd config
Steve Huston <huston@astro.princeton.edu>
parents: 131
diff changeset
4 # Turn things off for floyd - it doesn't need them
264
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
5 # And with RHEL8 it got worse, this thing needs to be retired...
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
6 Host floyd floyd-mgmt floyd-mgmt.astro.internal
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
7 HostName floyd-mgmt
46
82999776304f * Added config for Floyd to prevent errors
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents: 38
diff changeset
8 ForwardAgent no
82999776304f * Added config for Floyd to prevent errors
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents: 38
diff changeset
9 ForwardX11 no
82999776304f * Added config for Floyd to prevent errors
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents: 38
diff changeset
10 ForwardX11Trusted no
264
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
11 IdentitiesOnly yes
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
12 IdentityFile ~/.ssh/old/dsa2.pvt
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
13 KexAlgorithms +diffie-hellman-group1-sha1
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
14 HostKeyAlgorithms +ssh-dss
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
15 PubkeyAcceptedKeyTypes +ssh-dss
bb69763716a7 Buncha changes for floyd thanks to RHEL8
Steve Huston <huston@princeton.edu>
parents: 235
diff changeset
16 Ciphers +3des-cbc
46
82999776304f * Added config for Floyd to prevent errors
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents: 38
diff changeset
17
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
18 # If we're not on the Princeton wired network, csesbh2 should proxy through
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
19 # xanadu
186
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
20 Match host csesbh2.princeton.edu exec "~/.ssh/onsubnet --not 128.112."
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
21 ProxyJump xanadu.astro.princeton.edu
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
22
299
283c6f6c64c5 And start treating parapet like the bastion it is
Steve Huston <huston@princeton.edu>
parents: 294
diff changeset
23 # Likewise, td-parapet connections should proxy through xanadu
283c6f6c64c5 And start treating parapet like the bastion it is
Steve Huston <huston@princeton.edu>
parents: 294
diff changeset
24 Match host td-parapet.princeton.edu exec "~/.ssh/onsubnet --not 128.112."
283c6f6c64c5 And start treating parapet like the bastion it is
Steve Huston <huston@princeton.edu>
parents: 294
diff changeset
25 ProxyJump xanadu.astro.princeton.edu
283c6f6c64c5 And start treating parapet like the bastion it is
Steve Huston <huston@princeton.edu>
parents: 294
diff changeset
26
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
27 # If we're not on Princeton wired network, and not at home, then connections
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
28 # to joshua should tunnel through xanadu
265
df0b24d4fabd Think I'm ready to check this all in now; shared dotfiles that can be "sent"
Steve Huston <huston@srhuston.net>
parents: 264
diff changeset
29 Match host joshua.srhuston.net exec "~/.ssh/onsubnet --not 128.112. && ~/.ssh/athome --not"
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
30 ProxyJump xanadu.astro.princeton.edu
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
31
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
32 # But if we *are* home, convert joshua into its internal IP address
265
df0b24d4fabd Think I'm ready to check this all in now; shared dotfiles that can be "sent"
Steve Huston <huston@srhuston.net>
parents: 264
diff changeset
33 Match host joshua.srhuston.net exec "~/.ssh/athome"
283
09a1242050d3 Moving to the new host today
Steve Huston <huston@srhuston.net>
parents: 282
diff changeset
34 HostName 192.168.7.241
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
35
283
09a1242050d3 Moving to the new host today
Steve Huston <huston@srhuston.net>
parents: 282
diff changeset
36 # Old joshua host (Lenovo)
09a1242050d3 Moving to the new host today
Steve Huston <huston@srhuston.net>
parents: 282
diff changeset
37 Match host oldjoshua exec "~/.ssh/athome"
09a1242050d3 Moving to the new host today
Steve Huston <huston@srhuston.net>
parents: 282
diff changeset
38 HostName 192.168.7.49
280
5140712f8bd6 Config for new joshua host's IP, probably easier to get used to a new IP than
Steve Huston <huston@srhuston.net>
parents: 265
diff changeset
39
213
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
40 # Some "local" hosts, rather than configuring DNS or hosts files
265
df0b24d4fabd Think I'm ready to check this all in now; shared dotfiles that can be "sent"
Steve Huston <huston@srhuston.net>
parents: 264
diff changeset
41 Match host milton exec "~/.ssh/athome"
213
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
42 HostName 192.168.7.56
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
43
265
df0b24d4fabd Think I'm ready to check this all in now; shared dotfiles that can be "sent"
Steve Huston <huston@srhuston.net>
parents: 264
diff changeset
44 Match host syrinx exec "~/.ssh/athome"
213
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
45 HostName 192.168.7.109
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
46
265
df0b24d4fabd Think I'm ready to check this all in now; shared dotfiles that can be "sent"
Steve Huston <huston@srhuston.net>
parents: 264
diff changeset
47 Match host aprs exec "~/.ssh/athome"
213
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
48 HostName 192.168.7.57
218
81d5d7484f31 Forgot to specify user for that one
Steve Huston <huston@srhuston.net>
parents: 213
diff changeset
49 User pi
213
283c952b0455 Adding some local (home) hosts
Steve Huston <huston@srhuston.net>
parents: 209
diff changeset
50
288
ab94cd41d4fa Retropie has a home again
Steve Huston <huston@srhuston.net>
parents: 283
diff changeset
51 Match host retropie exec "~/.ssh/athome"
ab94cd41d4fa Retropie has a home again
Steve Huston <huston@srhuston.net>
parents: 283
diff changeset
52 HostName 192.168.7.221
ab94cd41d4fa Retropie has a home again
Steve Huston <huston@srhuston.net>
parents: 283
diff changeset
53 User pi
ab94cd41d4fa Retropie has a home again
Steve Huston <huston@srhuston.net>
parents: 283
diff changeset
54
294
a4bf322037a6 New IP for the PDP-11/70 emulation rPi
Steve Huston <huston@srhuston.net>
parents: 288
diff changeset
55 Match host pdp-11 exec "~/.ssh/athome"
a4bf322037a6 New IP for the PDP-11/70 emulation rPi
Steve Huston <huston@srhuston.net>
parents: 288
diff changeset
56 HostName 192.168.7.217
a4bf322037a6 New IP for the PDP-11/70 emulation rPi
Steve Huston <huston@srhuston.net>
parents: 288
diff changeset
57 User pi
a4bf322037a6 New IP for the PDP-11/70 emulation rPi
Steve Huston <huston@srhuston.net>
parents: 288
diff changeset
58
203
f163a6073c48 Merge shared connections into one; add proxyjump for home and a couple other nice options
Steve Huston <huston@astro.princeton.edu>
parents: 202
diff changeset
59 # Shared connection for xanadu, csesbh2, and joshua
235
2b3e169f8182 Updating proxy setting, forgot I wasn't using a controlmaster there
Steve Huston <huston@srhuston.net>
parents: 222
diff changeset
60 # Including w2zq too, though I don't usually want those to stick around -
2b3e169f8182 Updating proxy setting, forgot I wasn't using a controlmaster there
Steve Huston <huston@srhuston.net>
parents: 222
diff changeset
61 # they'll get canceled when the proxy use is finished
300
95129e7fb0ac Let's make that persist too
Steve Huston <huston@srhuston.net>
parents: 299
diff changeset
62 Host xanadu.astro.princeton.edu csesbh2.princeton.edu td-parapet.princeton.edu joshua.srhuston.net w2zq.mywire.org
186
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
63 User huston
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
64 ControlMaster auto
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
65 ControlPersist yes
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
66 ControlPath ~/.ssh/sockets/%C
190
f5969673c794 A couple keepalive type config settings
Steve Huston <huston@srhuston.net>
parents: 186
diff changeset
67 ServerAliveInterval 30
f5969673c794 A couple keepalive type config settings
Steve Huston <huston@srhuston.net>
parents: 186
diff changeset
68 # This is the default, putting here to document
f5969673c794 A couple keepalive type config settings
Steve Huston <huston@srhuston.net>
parents: 186
diff changeset
69 ServerAliveCountMax 3
186
83f164405755 New 'onsubnet' command, new config for master controls
Steve Huston <huston@astro.princeton.edu>
parents: 158
diff changeset
70
105
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
71 # Everything is fine for the Raspberry Pi, just need a different user
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
72 Host cake cake.srhuston.net
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
73 User pi
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
74 ForwardAgent yes
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
75 ForwardX11 yes
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
76 ForwardX11Trusted yes
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
77
209
d7f327fd082f Add *.local to ssh configs
Steve Huston <huston@astro.princeton.edu>
parents: 203
diff changeset
78 # Allow everything for CSES, astro, local, and home hosts w/ FQDN
d7f327fd082f Add *.local to ssh configs
Steve Huston <huston@astro.princeton.edu>
parents: 203
diff changeset
79 Host cses*.princeton.edu *.rc.princeton.edu *.rc *.astro.princeton.edu *.srhuston.net *.local
105
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
80 User huston
38
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
81 ForwardAgent yes
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
82 ForwardX11 yes
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
83 ForwardX11Trusted yes
222
27bc245f4194 Keep yourself alive
Steve Huston <huston@astro.princeton.edu>
parents: 218
diff changeset
84 ServerAliveInterval 30
38
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
85
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
86 # Deny everything for other hosts w/ a dot
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
87 Host *.*
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
88 ForwardAgent no
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
89 ForwardX11 no
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
90 ForwardX11Trusted no
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
91
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
92 # Now allow for anything else - if we're typing a single hostname, it's likely
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
93 # trusted.
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
94 Host *
105
3f1ead4ba8b4 Changes for the Pi:
Steve Huston <huston@astro.princeton.edu>
parents: 89
diff changeset
95 User huston
38
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
96 ForwardAgent yes
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
97 ForwardX11 yes
9373507ce560 * Adding .ssh/config to version control
huston@80426f53-59d1-405d-934b-f07cd76f4a1a
parents:
diff changeset
98 ForwardX11Trusted yes
222
27bc245f4194 Keep yourself alive
Steve Huston <huston@astro.princeton.edu>
parents: 218
diff changeset
99 ServerAliveInterval 30