From 2a7a15c0ede8434a00e178135be3f6543f21a5e1 Mon Sep 17 00:00:00 2001 From: Mikaela Suomalainen Date: Thu, 21 May 2020 14:27:19 +0300 Subject: [PATCH] deduplicate ssh_config --- .mikaela/ssh/config | 81 +-------------------------------------------- .mikaela_install | 2 +- 2 files changed, 2 insertions(+), 81 deletions(-) mode change 100644 => 120000 .mikaela/ssh/config diff --git a/.mikaela/ssh/config b/.mikaela/ssh/config deleted file mode 100644 index 074b7108..00000000 --- a/.mikaela/ssh/config +++ /dev/null @@ -1,80 +0,0 @@ -# My SSH config. This does leak existense of some hosts where I have -# access, but they should require SSH key authentication anyway. - -Host * - # Path for the control socket. - ControlPath ~/.ssh/sockets/socket-%r@%h:%p - # Multiple sessions over single connection - ControlMaster yes - # Keep connection open in the background even after connection has been - # closed. - ControlPersist yes - - ForwardAgent no - ForwardX11 no - - # Ensure KnownHosts are unreadable if leaked. - HashKnownHosts yes - - LogLevel VERBOSE - Protocol 2 - - # Always try public key authentication. - PubkeyAuthentication yes - - # Send needed environment variables. I don't like setting wildcards - # and LC_ALL is disabled on purpouse. - SendEnv EDITOR LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION TERM TZ - - # If the server doesn't reply in three "pings", connection is dead. - # Defaults to 3 anyway, but I add it here for clearity and - # in case it decides to change in the future. - ServerAliveCountMax 3 - - # "ping" the server every minute. - ServerAliveInterval 60 - - # OpenSSH 6.8+ - ask all host keys from servers. - # I trust the server admins and ways to identify the keys (DNSSEC, - # manual). - UpdateHostKeys yes - - # Workaround CVE-2016-0777 & CVE-0778 on OpenSSH < 7.1p2 - UseRoaming no - - # Verify SSHFP records. If this is yes, the question is skipped when - # DNSSEC is used, but apparently only "ask" and "no" write known_hosts - # However with "ask" you won't be told whether the zone is signed, so - # I consider "yes" to be the least evil. - VerifyHostKeyDNS yes - -Host aur.archlinux.org - User aur - -Host ccx_shell - HostName ccx.webprojekty.cz - Port 24022 - User mikaela - -Host hilla - HostName hilla.kapsi.fi - User mikaela - -Host lakka - HostName lakka.kapsi.fi - User mikaela - LocalForward 127.0.0.1:9001 127.0.0.1:30614 - -Host meetingology - HostName ubottu.com - User meetingology - -Host synvaler - AddressFamily inet6 - HostName synvaler.mikaela.info - User nemo - -Host tezagm - HostName tezagm.mikaela.info - User mikaela - diff --git a/.mikaela/ssh/config b/.mikaela/ssh/config new file mode 120000 index 00000000..6a38a68e --- /dev/null +++ b/.mikaela/ssh/config @@ -0,0 +1 @@ +../../etc/ssh/ssh_config \ No newline at end of file diff --git a/.mikaela_install b/.mikaela_install index d50f4a43..55924fb3 100755 --- a/.mikaela_install +++ b/.mikaela_install @@ -12,7 +12,7 @@ cat .mikaela/environment > ~/.environment cat .mikaela/gitconfig > ~/.gitconfig mkdir -p ~/.ssh cat .mikaela/keys/ssh > ~/.ssh/authorized_keys -cat .mikaela/ssh/config > ~/.ssh/config +cat etc/ssh/ssh_config > ~/.ssh/config touch ~/.MIKAELA_GREP set +x # vim : set ft=sh :