From 90386fb5c84eb35e9a9686044061b633093599ca Mon Sep 17 00:00:00 2001 From: David Runge Date: Thu, 30 Sep 2021 00:07:05 +0200 Subject: ssh: Sanitize config .ssh/config: Remove all ForwardAgent settings and replace ProxyCommand with ProxyJump. Add groutefsf, gapu-access, gsmbfsf, build.archlinux.org. Update settings for nws4 (rely on hosts file to determine IP), and aws-production-api-testing. --- .ssh/config | 72 ++++++++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 55 insertions(+), 17 deletions(-) diff --git a/.ssh/config b/.ssh/config index 82c9d25..dcd1ef2 100644 --- a/.ssh/config +++ b/.ssh/config @@ -1,39 +1,68 @@ # hop hosts +Host groutefsf + Compression yes + ControlMaster auto + ControlPath ~/.ssh/socket-%r@%h:%p + Hostname routefsf + IdentitiesOnly yes + IdentityFile ~/.ssh/id_ed25519 + Port 22 + ProxyJump sleepmap.de + User dave + +Host gapu-access + Compression yes + ControlMaster auto + ControlPath ~/.ssh/socket-%r@%h:%p + Hostname apu-access + IdentitiesOnly yes + IdentityFile ~/.ssh/id_ed25519 + Port 22 + ProxyJump sleepmap.de + User dave + +Host gsmbfsf + Compression yes + ControlMaster auto + ControlPath ~/.ssh/socket-%r@%h:%p + Hostname smbfsf + IdentitiesOnly yes + IdentityFile ~/.ssh/id_ed25519 + Port 22 + ProxyJump sleepmap.de,routefsf + User dave + Host gchristina Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - ForwardAgent yes Hostname christina IdentitiesOnly yes IdentityFile ~/.ssh/id_ed25519 Port 22 - ProxyCommand ssh sleepmap -W %h:%p - ServerAliveInterval 120 + ProxyJump sleepmap.de User dave Host gdvzrv Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - ForwardAgent yes Hostname dvzrv IdentitiesOnly yes IdentityFile ~/.ssh/id_ed25519 Port 22 - ProxyCommand ssh dave@sleepmap.de -W %h:%p + ProxyJump sleepmap.de User dave Host gtrvlr Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - ForwardAgent yes Hostname trvlr IdentitiesOnly yes IdentityFile ~/.ssh/id_ed25519 Port 22 - ProxyCommand ssh sleepmap.de -W %h:%p + ProxyJump sleepmap.de User dave # home @@ -74,15 +103,15 @@ Host apu-serve-unlock User root Host apu-serve - HostName apu-serve - Port 22 - User dave - ServerAliveInterval 120 Compression yes - IdentityFile ~/.ssh/id_ed25519 - IdentitiesOnly yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p + HostName apu-serve + IdentityFile ~/.ssh/id_ed25519 + IdentitiesOnly yes + Port 22 + ServerAliveInterval 120 + User dave Host dvzrv Compression yes @@ -136,6 +165,15 @@ Host aur.archlinux.org Port 22 User aur +Host build.archlinux.org + Compression yes + ControlMaster auto + ControlPath ~/.ssh/socket-%r@%h:%p + IdentitiesOnly yes + IdentityFile ~/.ssh/id_ed25519_aur + Port 22 + User dvzrv + Host orion.archlinux.org Compression yes ControlMaster auto @@ -255,7 +293,7 @@ Host nws4 Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - Hostname 85.10.206.200 + Hostname nws4 IdentitiesOnly yes IdentityFile ~/.ssh/id_ed25519 Port 22 @@ -368,11 +406,11 @@ Host aws-production-api-testing Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - Hostname ec2-3-21-56-55.us-east-2.compute.amazonaws.com + Hostname ec2-52-29-244-57.eu-central-1.compute.amazonaws.com IdentitiesOnly yes - IdentityFile ~/.ssh/id_rsa + IdentityFile ~/.ssh/production-api-external_testing.pem Port 22 - User admin + User fedora Host gholoplot-postgres_alboin Compression yes -- cgit v1.2.3-70-g09d2