git.lirion.de

Of git, get, and gud

about summary refs log tree commit diff stats

path: root/localfs/var/lib/libvirt/isos/debian/debian-9.4.0-amd64-netinst.iso

blob: e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 (plain)

ntrolMaster: to use SSH multiplexing with ProxyCommand (e.g. to reach host b through host a) # Host b # Hostname b.example.com # ProxyCommand ssh a.example.com -W %h:%p # # controlpath, controlmaster are the same as above # # For older SSH daemons: RSA SHA-1 is being quickly deprecated across OSes for various security # vulnerabilities. If you need to re-enable that (e.g. for hardware like network devices which are # often prone to vulnerabilities due to slow upgrading), you can re-enable this and you SHOULD do # this ONLY for specific hosts. (Yes, this ofc also affects clients - which it did on an Arch Linux here.) # Also see https://www.openssh.com/txt/release-8.2 # In any case you should check whether your device understands rsa-sha2-* signature algorithms. While # testing this, I found out that "ssh-keygen -trsa" made my keys SHA-1 so far – you might want to change # that to "-t rsa-sha2-256" or whatever and check whether you can still connect to the RSA requiring hosts. # If you have a proper naming convention for your devices, you can still easily wildcard this. If you # don't, you either don't have many devices or you moronically did not think device names through. ;-) # Host sophos* *-mik-* # PubkeyAcceptedKeyTypes +ssh-rsa