I'm trying to define a compact SSH config that matches 3 host naming schemes but also matches many wildcard possibilities, all with a single Host definition like so:
Host xyz-*.domain.com xyz-* xyz*
    HostName xyz-%h.domain.com
    User ubuntu
    IdentityFile ~/.ssh/id_rsa
    ProxyCommand nc -x proxy.company.com %h %p
The idea is to match all these hosts, but connect only to the fully qualified version (to reduce the # of entries in the "known_hosts" file):
- xyz-dev.domain.com = xyz-dev = xyzdev
- xyz-test.domain.com = xyz-test = xyztest
- xyz-prod.domain.com = xyz-prod = xyzprod
- etc.
I know the above HostName value won't work, as I'm trying to find a way to perform a "regex capture" of sorts in the Host and use it in the HostName expansion.
By using some more advanced config syntax, I managed to come up with a much less readable form that mostly works, except for the need to still manually accept host keys or have them ignored altogether (not ideal), which still automatically adds them into the "known_hosts" file.
Match exec "echo %h | grep -Eq '^xyz-?[^.]+(\.domain\.com|)$'"
    User ubuntu
    IdentityFile ~/.ssh/id_rsa
    ProxyCommand nc -x proxy.company.com $(echo "%h" | sed -rn 's/^xyz-?([^.]+).*/xyz-\1/p').domain.com %p
    # StrictHostKeyChecking no
Is there a better way? It would be great if HostName itself allowed the same kind of shell manipulation that I'm using the ProxyCommand for, but I haven't seen any evidence for that.
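
The `Match exec` test and the `ProxyCommand` rewrite from the question can be exercised outside of ssh before they go into a config. This is an added example, not part of the original post: the function names and the sample host names are constructed, `sed -E` stands in for `sed -r`, and `xyz_matches_strict` is an assumed tightening of the question's pattern.

```shell
#!/bin/sh
# Added example: runs the question's grep and sed over constructed host
# names. The name is passed as an argument here; in ssh_config, %h is
# substituted into the command text before the shell runs it.

# Return 0 when the name satisfies the grep used in the Match exec line.
xyz_matches() {
    printf '%s\n' "$1" | grep -Eq '^xyz-?[^.]+(\.domain\.com|)$'
}

# Assumed stricter variant: only letters, digits and '-' after the prefix,
# because [^.]+ accepts any character that is not a dot.
xyz_matches_strict() {
    printf '%s\n' "$1" | grep -Eq '^xyz-?[A-Za-z0-9-]+(\.domain\.com)?$'
}

# Print the fully qualified name the ProxyCommand would dial, or return 1.
xyz_target() {
    xyz_matches "$1" || return 1
    short=$(printf '%s\n' "$1" | sed -En 's/^xyz-?([^.]+).*/xyz-\1/p')
    [ -n "$short" ] || return 1
    printf '%s.domain.com\n' "$short"
}

# Constructed sample names: the three schemes, then names that must not
# be rewritten, then one that only the strict pattern rejects.
for h in xyz-dev.domain.com xyz-dev xyzdev xyz-prod \
         xyz-dev.other.com abc-dev 'xyz-dev test'; do
    if t=$(xyz_target "$h"); then
        strict=rejected
        if xyz_matches_strict "$h"; then strict=accepted; fi
        printf '%-20s -> %s (strict: %s)\n' "$h" "$t" "$strict"
    else
        printf '%-20s -> no match\n' "$h"
    fi
done
```

All three spellings of a host resolve to the same fully qualified target, while names under other domains or with other prefixes are left alone.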