blob: 663a702a0356655ce3194a57dc23d0a535c91d42 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# === BEGIN: TCWG SSH configuration ===
#
# !!! THIS MUST BE COPIED TO THE START OF YOUR ~/.SSH/CONFIG FILE. !!!
# !!! IF YOU REPORT A PROBLEM WITH SSH, AND THIS CONFIGURATION IS NOT !!!
# !!! AT THE START OF YOUR FILE -- YOU HAVE OBVIOUSLY MISSED THIS VERY !!!
# !!! IMPORTANT NOTE. AS PENANCE, YOU WILL READ THIS NOTE OUT LOUD. !!!
#
Host *.tcwglab *.aus-colo people.linaro.org aus-colo.linaro.org lab.validation.linaro.org
#User @LDAP_USER@
#IdentityFile ~/.ssh/id_rsa
# Proxy connections to custom ssh servers (inside containers) on firewalled
# hosts through "main" ssh server on that host.
# E.g., "ssh -p32768 proxy.dev-01.tcwglab"
Host *proxy.*
ProxyCommand ssh $(echo %h | sed -e "s/proxy\.//") nc -q0 localhost %p
# Access to Austin Colo. E.g., "ssh r1-a7.aus-colo"
Host *.aus-colo
ProxyCommand ssh aus-colo.linaro.org nc -q0 %h %p
# Access to LAVA Lab. E.g., "ssh root@10.7.0.18.lab"
Host *.lab
ProxyCommand ssh lab.validation.linaro.org nc -q0 $(basename %h .lab) %p
Host *.tcwglab *.aus-colo *.lab
# Enable automatic multiplexing.
ControlMaster auto
# Soften up potential problems with killing master connection by using
# ControlPersist (which puts the master connection in background).
# Also ControlPersist has an undocumented feature that it will clean-up
# and replace stale ssh socket from a zombie connection.
ControlPersist 5m
# Put the ssh socket on /tmp. Note that overlayfs can't host sockets,
# so we always arrange /tmp to be on a ext4 or equivalent FS.
ControlPath /tmp/ssh-%u-%r@%h:%p
# There is little point in forwarding X11 to machines outside of local network.
ForwardX11 no
# Forward authentication agent and keep private keys in one place.
ForwardAgent yes
# Ping server every 5min to avoid routers dropping connection.
# This matches -o BatchMode=yes setting used in cross-testing (see ABE)
ServerAliveInterval 300
# Disable checking of host keys for boards behind gateways.
# !!! BE BECAREFUL TO ONLY DO THIS FOR MACHINES BEHIND SSH GATEWAY OR VPN !!!
StrictHostKeyChecking no
# Don't store host keys for one-time containers
UserKnownHostsFile /dev/null
# Don't warn about "adding" host keys to /dev/null
LogLevel FATAL
# Make sure we can connect to localhost (e.g., to a container running
# on localhost) with the settings for *.tcwglab, *.aus-colo, *.lab
Host localhost.tcwglab localhost.aus-colo localhost.lab
Hostname localhost
Host git.linaro.org dev-private-git.linaro.org
User git
# === END: TCWG SSH configuration ===
|
