[PATCH] Allow matching HostName against Host entries

Alan Barrett apb at cequrux.com
Mon Apr 15 16:57:14 EST 2013 

On Fri, 12 Apr 2013, Damien Miller wrote:
>A better option might be to allow specification of the suffix order in
>ssh_config itself. E.g.
>
>HostnameSuffixes mel.int.spectre.com int.spectre.com spectre.com

That would help in many cases, but not in all cases.

I have aliases in ssh.conf that do not resemble the FQDN of the 
host (e.g. "dev" => "server123.department.company.tld").  Even if 
they do match the first label of the FQDN, I might prefer explicit 
configuration to some kind of HostnameSuffixes search.

I want something that will significantly reduce the amount of 
duplication in configurations like this:

     Host dev
         HostName server123.dept.company.tld
         HostKeyAlias server123.dept.company.tld
         UserName U34567
         IdentityFile "~/.ssh/keys/key-for-most-servers-at-company"
         # maybe more options duplicated here

     Host test
         HostName server475.dept.company.tld
         HostKeyAlias server475.dept.company.tld
         UserName U34567
         IdentityFile "~/.ssh/keys/key-for-most-servers-at-company"
         # maybe more options duplicated here

     Host prod
         HostName server931.dept.company.tld
         HostKeyAlias server931.dept.company.tld
         UserName U34567
         IdentityFile "~/.ssh/keys/key-for-production-servers"
         # maybe more options duplicated here

     Host server931.dept.company.tld
         IdentityFile "~/.ssh/keys/key-for-production-servers"

     Host *.dept.company.tld
         UserName U34567
         IdentityFile "~/.ssh/keys/key-for-most-servers-at-company"
         # maybe more options specified here

"MatchHostName yes" would work fine for me, but I might prefer 
different syntax, like the "ExpandHostName" idea that was 
suggested in another sub-thread.  Then I could replace the above 
configuration with this:

     Host dev
         ExpandHostName server123.dept.company.tld

     Host test
         ExpandHostName server475.dept.company.tld

     Host prod
         ExpandHostName server931.dept.company.tld

     Host server931.dept.company.tld
         IdentityFile "~/.ssh/keys/key-for-production-servers"

     Host *.dept.company.tld
         UserName U34567
         IdentityFile "~/.ssh/keys/key-for-most-servers-at-company"
         # maybe more options specified here

--apb (Alan Barrett)

More information about the openssh-unix-dev mailing list