dotfiles: .ssh/config comparison

Merge shared connections into one; add proxyjump for home and a couple other nice options

author	Steve Huston <huston@astro.princeton.edu>
date	Tue, 24 Nov 2020 10:59:34 -0500
parents	8206a14c8c62
children	d7f327fd082f

comparison

equal deleted inserted replaced

-:8206a14c8c62
+:f163a6073c48
+# Host-specific things at the top, and get less specific as you go; first
+# match wins
 # Turn things off for floyd - it doesn't need them
 Host floyd-mgmt floyd-mgmt.astro.internal
 ForwardAgent no
 ForwardX11 no
 ForwardX11Trusted no
-# Let's try a proxy connection here
+# If we're not on the Princeton wired network, csesbh2 should proxy through
-Host xanadu.astro.princeton.edu
+# xanadu
-User huston
-ControlMaster auto
-ControlPersist yes
-ControlPath ~/.ssh/sockets/%C
-ServerAliveInterval 30
-# This is the default, putting here to document
-ServerAliveCountMax 3
 Match host csesbh2.princeton.edu exec "~/.ssh/onsubnet --not 128.112."
 ProxyJump xanadu.astro.princeton.edu
-Host csesbh2.princeton.edu
+# If we're not on Princeton wired network, and not at home, then connections
+# to joshua should tunnel through xanadu
+Match host joshua.srhuston.net exec "~/.ssh/onsubnet --not 128.112. && [[ `curl -s checkip.amazonaws.com` != 100.11.40.19 ]]"
+ProxyJump xanadu.astro.princeton.edu
+# But if we *are* home, convert joshua into its internal IP address
+Match host joshua.srhuston.net exec "test `curl -s checkip.amazonaws.com` == 100.11.40.19"
+HostName 192.168.7.49
+# Shared connection for xanadu, csesbh2, and joshua
+Host xanadu.astro.princeton.edu csesbh2.princeton.edu joshua.srhuston.net
 User huston
 ControlMaster auto
 ControlPersist yes
 ControlPath ~/.ssh/sockets/%C
 ServerAliveInterval 30

Mercurial > index.cgi > dotfiles