-
Notifications
You must be signed in to change notification settings - Fork 1
/
ssh.cfg
46 lines (41 loc) · 1.76 KB
/
ssh.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# This does not work due to limitations in Vagrant
# Instead, pass raw_ssh_args in Vagrantfile
# Host localhost
# IdentitiesOnly yes
## equivalent to
## ssh -oKexAlgorithms=diffie-hellman-group1-sha1 [email protected]
Host partners partners* spl
User gr892
HostName ssh.research.partners.org
# HostName ssh1.research.partners.org
# Don't know how the agent forwarding works if this is also load balanced
KexAlgorithms diffie-hellman-group1-sha1
# ProxyCommand ssh -o 'ForwardAgent yes' ssh.research.partners.org 'ssh-add && nc %h %p'
ServerAliveInterval 10
# by setting up a private key on partners bastion host, and copying the public key to
# the target web servers, I'm able to now jump through partners to get "directly" to C
# ssh -t partners ssh web1
# which is shorthand for
# ssh -t -oKexAlgorithms=diffie-hellman-group1-sha1 -i ~/.ssh/id_rsa [email protected] ssh -i /home/gr892/.ssh/id_rsa [email protected]
Host web*
User grundlett
IdentityFile /home/gr892/.ssh/id_rsa
ServerAliveInterval 10
# Not sure if I need/can use this since getting from A to C
# Through a proxy command doesn't appear to be getting
# past the key negotiating step
# ForwardAgent yes
# by using a specific host alias, I can control which port-forwarding options
# I am using, and thus connect to either remote database server
# Bear in mind that the .ssh/config file on partners is set to forward
# each of these ports to their respective web/database server
Host partners1
LocalForward 33307 localhost:33307
Host partners2
LocalForward 33308 localhost:33308
Host web1
HostName d905-1.BWH.Harvard.edu
ProxyCommand ssh -t partners nc %h:%p
Host web2
HostName d905-2.BWH.Harvard.edu
ProxyCommand ssh -t partners nc %h:%p