
Extend or modify the SSH configuration file.

hihi3456
Member
02-18-2016, 10:25 PM #1
I have a moderately intricate network configuration. Each data center features an access host, which we'll refer to as the gatekeeper, that you must link to before accessing any hosts via SSH. Below is an illustration of how to reach 10.199.199.4 Host * with ForwardAgent enabled and ServerAliveCountMax set to 4. The gatekeeper is identified as gc1, and the domain is .com. PubkeyAuthentication is disabled. The hostname is gc1, located in L3, and labeled as otherfakestuff. Domain details are provided for reference.

When connecting to 10.199.199.4, you would use a proxy command to route through the pseudo-host gatekeeper in Boston via L3. If you connected to 10.199.198, it would link to the pseudo-host gatekeeper in LA through AT&T. I'm unable to devise a regex that efficiently handles multiple appearances of the same IP block. Therefore, a tool capable of comprehensively parsing SSH configuration files seems essential. Essentially, you require a JSON parser tailored for SSH configs—something that can interpret the full file structure and apply its rules accurately.

The only requirement is obtaining the appropriate ProxyCommand for each IP address. The examples available generally don't account for duplicate entries, so I believe a solution that fully understands SSH configuration is necessary. You'll need to provide the resulting ProxyCommand call. The rest of this process can be handled by automated scripts or parallel jobs, targeting each gatekeeper individually. This approach would streamline the task compared to manual execution across all 100 gatekeepers.
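
Added example, not part of the original post: a small resolver that reads an SSH client config and returns the ProxyCommand that applies to a given IP, using OpenSSH's rule that the first value obtained for each keyword wins, so overlapping `Host` blocks for the same IP range are handled. The sample config and gatekeeper hostnames are constructed, and `Match` and `Include` are not evaluated.

```python
import fnmatch
import re

# Constructed sample config, not the poster's file; gatekeeper names are hypothetical.
SAMPLE_CONFIG = """\
Host 10.199.199.4
    ProxyCommand ssh -W %h:%p gk-boston.example.com

Host 10.199.199.* !10.199.199.9
    ProxyCommand ssh -W %h:%p gk-boston-alt.example.com
    ServerAliveCountMax 2

Host 10.199.198.*
    ProxyCommand ssh -W %h:%p gk-la.example.com

Host *
    ForwardAgent yes
    ServerAliveCountMax 4
"""

def host_matches(patterns, host):
    """A negated pattern that matches vetoes the block; otherwise one positive match is required."""
    positive = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            positive = True
    return positive

def resolve(config_text, host):
    """Effective options for host: the first value obtained for each keyword wins."""
    options, active = {}, True  # lines before the first Host block apply to all hosts
    for raw in config_text.splitlines():
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)", raw.strip())
        if not m:
            continue  # blank line, comment, or keyword without a value
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            active = host_matches(value.split(), host)
        elif key == "match":
            active = False  # Match blocks are skipped, not evaluated
        elif active:
            options.setdefault(key, value)
    return options

def proxy_command(config_text, host):
    return resolve(config_text, host).get("proxycommand")
```

On OpenSSH 6.8 or later, `ssh -G <host>` prints the configuration the client itself resolves for that host and can be used to cross-check the result.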