secstate
/
dotfiles


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
							Include ~/.orbstack/ssh/config


Include /Users/powellc/.colima/ssh_config

#CanonicalizeHostname yes
#CanonicalDomains elationemr.com unbl.ink onec.me
#
Host *
    IdentitiesOnly yes

Host github.com
    ServerAliveInterval 300
    ServerAliveCountMax 2
    AddKeysToAgent yes
    IdentityFile ~/.ssh/2025_git

# Home Gitea account:
Host code.unbl.ink git.service 192.168.40.83 gogs*
  User git
  IdentityFile ~/.ssh/2024_git
  PreferredAuthentications publickey
  PasswordAuthentication no
  IdentitiesOnly yes
  Port 222

# Mailinabox uses root by default
Host box.unbl.ink
  IdentityFile ~/.ssh/box_unbl_ink
  User root

Host akna.local
  User pi

Host sdf.org otaku.sdf.org sverige.freeshell.org 
  User secstate

Host cosmic.voyage
  User secstate
  IdentityFile ~/.ssh/cosmic.voyage

Host tilde.club
  User secstate
  IdentityFile ~/.ssh/powellc

# ChicagoVPS
Host pandora.unbl.ink bt2.unbl.ink
  IdentityFile ~/.ssh/pandora
  User root

Host bt1.unbl.ink
  IdentityFile ~/.ssh/2022_h2_powellc
  User root

# LibreELEC
Host ymir.local gerd.local skoll.local thrymr.local tharvis.local thyrmr.local alvaldi.local eggther.local gunnlod.local gridr.local aegir.local fornjot.local
  User root

# Bare metal hosts
Host hati.local tarqeq.local daphnis.local loge.local hyperion.local dione.local phoebe.local iapetus.local titan.local paaliaq.local kiviuq.local kari.local siarnaq.local skathi.local tarvos.local rhea.local erriapus.local mimas.local polydeuces.local mundilfari.local ijiraq.local
  User powellc
  IdentityFile ~/.ssh/2022_h2_powellc

# Inside our network, skip strict host key checking
Host *.local *.service
  StrictHostKeyChecking no
  User root
  #IdentityFile ~/.ssh/2022_h2_powellc
  IdentityFile ~/.ssh/jails


# Root hosts
Host penobscotbaypress.com atlas.local
  User root


#####
## This does the heavy lifting with homelab negotiation
#####

Host bastion.unbl.ink
    Port 44
    User powellc
    IdentityFile ~/.ssh/2022_h2_powellc

Host *.local *.service
    IdentityFile ~/.ssh/2022_h2_powellc
    ServerAliveInterval 300
    ServerAliveCountMax 2
    AddKeysToAgent yes
    VerifyHostKeyDNS no

Host bastion.service
    Port 33

## Jail hosts all need a jump
Match exec "onsubnet 192.168.40." host *.service
  User root
  IdentityFile ~/.ssh/jails
  Hostname %h

Match exec "onsubnet --not 192.168.40." host *.service
  User root
  IdentityFile ~/.ssh/jails
  Hostname %h
  ProxyJump bastion.unbl.ink

  
Host mmpay-bastion.mmstage.dev
  ForwardAgent yes
  Hostname mmpay-bastion.mmstage.dev
  ProxyCommand /opt/homebrew/bin/cloudflared  access ssh --hostname %h

Host devstage-mmpay-0*
  ProxyJump mmpay-bastion.mmstage.dev