From e95ecc04b733df21c83e36b803c85f447f147004 Mon Sep 17 00:00:00 2001 From: David Runge Date: Sun, 22 May 2022 18:53:45 +0200 Subject: openssh: Do not use identity files .ssh/config: Switch all hosts that are already configured to do so away from using a specific IdentityFile. Most hosts are now configured to use a ssh key that is provided via gnupg's ssh-agent facility. Add remote camera host. Remove obsolete Arch Linux related hosts. Remove all Holoplot related hosts. --- .ssh/config | 279 +++--------------------------------------------------------- 1 file changed, 12 insertions(+), 267 deletions(-) diff --git a/.ssh/config b/.ssh/config index 55cef45..8db791b 100644 --- a/.ssh/config +++ b/.ssh/config @@ -1,11 +1,11 @@ +Match host * exec "gpg-connect-agent updatestartuptty /bye" + # hop hosts Host groutefsf Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname routefsf - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ProxyJump sleepmap.de User dave @@ -15,8 +15,6 @@ Host gapu-access ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname apu-access - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ProxyJump sleepmap.de User dave @@ -32,6 +30,15 @@ Host gsmbfsf ProxyJump sleepmap.de,routefsf User dave +Host gcamera + Compression yes + ControlMaster auto + ControlPath ~/.ssh/socket-%r@%h:%p + Hostname 10.10.24.139 + Port 22 + ProxyJump sleepmap.de,routefsf + User alarm + Host gchristina Compression yes ControlMaster auto @@ -48,8 +55,6 @@ Host gdvzrv ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname dvzrv - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ProxyJump sleepmap.de User dave @@ -59,8 +64,6 @@ Host gtrvlr ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname trvlr - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ProxyJump sleepmap.de User dave @@ -71,8 +74,6 @@ Host apu-access-unlock ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p HostName apu-access-unlock - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ServerAliveInterval 120 StrictHostkeyChecking no @@ -83,8 +84,6 @@ Host apu-access ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p HostName apu-access - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ServerAliveInterval 120 StrictHostkeyChecking no @@ -95,8 +94,6 @@ Host apu-serve-unlock ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p HostName apu-serve-unlock - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ServerAliveInterval 120 StrictHostkeyChecking no @@ -107,8 +104,6 @@ Host apu-serve ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p HostName apu-serve - IdentityFile ~/.ssh/id_ed25519 - IdentitiesOnly yes Port 22 ServerAliveInterval 120 User dave @@ -118,8 +113,6 @@ Host dvzrv ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p HostName dvzrv - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 ServerAliveInterval 120 User dave @@ -129,8 +122,6 @@ Host hmbx-unlock ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname hmbx - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 StrictHostkeyChecking no Port 22 User root @@ -140,17 +131,14 @@ Host trvlr ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname trvlr - IdentityFile ~/.ssh/id_ed25519 - IdentitiesOnly yes Port 22 + User dave Host trvlr-unlock Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname trvlr - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 StrictHostkeyChecking no Port 22 User root @@ -160,8 +148,6 @@ Host aur.archlinux.org Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur Port 22 User aur @@ -169,8 +155,6 @@ Host build.archlinux.org Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur Port 22 User dvzrv @@ -178,28 +162,6 @@ Host mail.archlinux.org Compression yes ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur - Port 22 - User dvzrv - -Host orion.archlinux.org - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname orion.archlinux.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur - Port 22 - User dvzrv - -Host soyuz.archlinux.org - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname soyuz.archlinux.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur Port 22 User dvzrv @@ -208,8 +170,6 @@ Host pkgbuild.com ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname pkgbuild.com - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur Port 22 User dvzrv @@ -218,28 +178,6 @@ Host repos.archlinux.org ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname repos.archlinux.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur - Port 22 - User dvzrv - -Host git.archlinux.org - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname git.archlinux.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur - Port 22 - User dvzrv - -Host luna.archlinux.org - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname luna.archlinux.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_aur Port 22 User dvzrv @@ -249,8 +187,6 @@ Host shell.c-base.org ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname shell.c-base.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dave @@ -260,8 +196,6 @@ Host github ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname github.com - IdentityFile ~/.ssh/id_ed25519_github - IdentitiesOnly yes Port 22 User git @@ -271,8 +205,6 @@ Host caduceus.rescue ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname caduceus - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 StrictHostKeyChecking no User root @@ -282,8 +214,6 @@ Host caduceus.unlock ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname caduceus - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 StrictHostKeyChecking no User root @@ -293,8 +223,6 @@ Host caduceus ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname caduceus - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dave @@ -303,8 +231,6 @@ Host nws4 ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname nws4 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dave @@ -313,8 +239,6 @@ Host sleepmap ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname sleepmap.de - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dave @@ -324,8 +248,6 @@ Host linuxaudio.org ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname linuxaudio.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dvzrv @@ -334,182 +256,5 @@ Host mail.linuxaudio.org ControlMaster auto ControlPath ~/.ssh/socket-%r@%h:%p Hostname mail.linuxaudio.org - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 Port 22 User dvzrv - -# unix-pool -Host pool - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - HostName pool.math.tu-berlin.de - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User runge - -# work -Host ploto - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname ploto - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - -Host ploto-unlock - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname ploto - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User root - -Host rpi3-1 - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname rpi3-1 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User alarm - -Host rpi3-2 - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname rpi3-2 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User alarm - -Host redis_alboin - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname 10.150.0.2 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - ProxyJump linux-builder-1 - User holoplot - -Host linux-builder-1 - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname linux-builder-1 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User holoplot - -Host aws-production-api-testing - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname ec2-52-29-244-57.eu-central-1.compute.amazonaws.com - IdentitiesOnly yes - IdentityFile ~/.ssh/production-api-external_testing.pem - Port 22 - User fedora - -Host gholoplot-postgres_alboin - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname 10.150.0.2 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - ProxyJump holoplot-linux-builder-1 - User holoplot - -Host gholoplot-production-api-production - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname production-api.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - ProxyJump holoplot-linux-builder-1 - User alarm - -Host gholoplot-production-api-testing - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname production-api-testing.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - ProxyJump holoplot-linux-builder-1 - User alarm - -Host holoplot-github - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname github.com - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519_holoplot - Port 22 - User git - -Host holoplot-postgres_alboin - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname 10.150.0.2 - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User holoplot - -Host holoplot-production-api-production - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname production-api.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User alarm - -Host holoplot-production-api-testing - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname production-api-testing.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User alarm - -Host holoplot-linux-builder-1 - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname linux-builder-1.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User holoplot - -Host production-api-host - Compression yes - ControlMaster auto - ControlPath ~/.ssh/socket-%r@%h:%p - Hostname production-api-host.holoplot.net - IdentitiesOnly yes - IdentityFile ~/.ssh/id_ed25519 - Port 22 - User admin -- cgit v1.2.3-54-g00ecf