~/.ssh/config magic for WMF hosts
ActivePublic
Actions

Authored by bd808 on Jul 29 2015, 3:48 PM.

Tags

None

Referenced Files

	F283424: ~/.ssh/config magic for WMF hosts
	Jul 29 2015, 3:50 PM

	F283421: ~/.ssh/config magic for WMF hosts
	Jul 29 2015, 3:50 PM

	F283417: ~/.ssh/config magic for WMF hosts
	Jul 29 2015, 3:48 PM

Subscribers

None

	# WMF Labs
	Host gerrit gerrit.wikimedia.org
	Hostname gerrit.wikimedia.org
	Port 29418
	User <YOUR GERRIT SHELL NAME HERE (eg bd808)>
	IdentityFile <PATH TO YOUR GERRIT SSH KEY HERE (eg ~/.ssh/gerrit_rsa)>

	Host bastion.wmflabs.org
	ProxyCommand none
	ControlMaster no

	Host .wmflabs .wmflabs.org
	User <YOUR LABS SHELL NAME HERE (eg bd808)>
	IdentityFile <PATH TO YOUR LABS SSH KEY HERE (eg ~/.ssh/wmflabs_rsa)>
	IdentitiesOnly yes

	Host *.wmflabs
	ProxyCommand ssh -a -W %h:%p bastion.wmflabs.org


	# WMF Prod
	Host bast1001.wikimedia.org
	ProxyCommand none
	ControlMaster no

	Host .eqiad.wmnet .codfw.wmnet *.wikimedia.org !gerrit.wikimedia.org
	User <YOUR PROD SHELL NAME HERE (eg bd808)>
	IdentityFile <PATH TO YOUR PROD SSH KEY HERE (eg ~/.ssh/cluster_rsa)>
	IdentitiesOnly yes
	ProxyCommand ssh -a -W %h:%p bast1001.wikimedia.org


	# Use strong ciphers when connecting to WMF servers
	Host .wmnet .wmflabs *.wikimedia.org !gerrit.wikimedia.org
	Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
	KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

	# Global defaults
	Host *
	ForwardAgent no
	ForwardX11 no
	Protocol 2,1
	ControlMaster auto
	ControlPath ~/.ssh/sockets/%C
	KeepAlive yes
	ServerAliveInterval 60
	PreferredAuthentications publickey

bd808 changed the title of this paste from untitled to ~/.ssh/config magic for WMF hosts.

bd808 updated the paste's language from autodetect to autodetect.

bd808 edited the content of this paste. (Show Details)

~/.ssh/config magic for WMF hostsActivePublicActions