Host selection in ssh_config
Jean-Michel Elyn (MAILZ)
jean-michel.elyn at mailz.org
Fri Apr 8 23:24:32 EST 2011
Hello there,
I'm a little afraid of writing here, hope I don't make any mistake doing
so. I'm trying for days and searching the web too, but no obvious
solution, no reply from the specialized forum I wrote in.
Here is the situation:
I would like to have a lighter security inside our domain, without
changing when going outside. By "lighter security" I mean at least, no
host key check; we often install and re-install hosts and managing all
that public keys is heavy. Then my goal is to have two different
configurations when targeting a host:
* inside our domain: "StrictHostKeyChecking no" and "UserKnownHostsFile
/dev/null".
* into the Wild: "StrictHostKeyChecking yes" and "UserKnownHostsFile
~/.ssh/known_hosts".
And now my problem:
The easiest way to sort target hosts, I thought, was to select our
domain in ssh_config:
# inside
Host *.our_domain
parameters
# outside
Host *
parameters
However, the hostname used is the one written in the command, I suppose:
"ssh a_host.our_domain" works fine! But "ssh a_host" does not. Of course
we all avoid writing our domain. So I wanted to check whether a domain
is provided (a point "." should exist):
# inside
Host !*.*
parameters
# outside
Host *
parameters
Unfortunately it doesn't work... I tried many other possibilities but
all failed. Is there a solution to that problem? If yes how to do? If
not is it a bug? Thanks for your help.
Jean-Michel.
More information about the openssh-unix-dev
mailing list