view .ssh/config @ 190:f5969673c794

A couple keepalive type config settings
author Steve Huston <huston@srhuston.net>
date Fri, 10 Apr 2020 17:03:24 -0400
parents 83f164405755
children 8206a14c8c62
line wrap: on
line source

# Turn things off for floyd - it doesn't need them
Host floyd-mgmt floyd-mgmt.astro.internal
  ForwardAgent no
  ForwardX11 no
  ForwardX11Trusted no

# Let's try a proxy connection here
Host xanadu.astro.princeton.edu
  User huston
  ControlMaster auto
  ControlPersist yes
  ControlPath ~/.ssh/sockets/%C
  ServerAliveInterval 30
  # This is the default, putting here to document
  ServerAliveCountMax 3

Match host csesbh2.princeton.edu exec "~/.ssh/onsubnet --not 128.112."
  ProxyJump xanadu.astro.princeton.edu

Host csesbh2.princeton.edu
  User huston
  ControlMaster auto
  ControlPersist yes
  ControlPath ~/.ssh/sockets/%C
  ServerAliveInterval 30
  # This is the default, putting here to document
  ServerAliveCountMax 3

# xanadu-vm and syrinx's keys change, let's try to avoid errors
Host xanadu-vm syrinx xanadu-vm.astro.princeton.edu syrinx.astro.princeton.edu
  User huston
  StrictHostKeyChecking no
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes

# Everything is fine for the Raspberry Pi, just need a different user
Host cake cake.srhuston.net
  User pi
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes

# Allow everything for CSES, astro, and home hosts w/ FQDN
Host cses*.princeton.edu *.rc.princeton.edu *.rc *.astro.princeton.edu *.srhuston.net
  User huston
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes

# Deny everything for other hosts w/ a dot
Host *.*
  ForwardAgent no
  ForwardX11 no
  ForwardX11Trusted no

# Now allow for anything else - if we're typing a single hostname, it's likely
# trusted.
Host *
  User huston
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes