search

datalad / datalad.org

Website sources of datalad.org
https://www.datalad.org
4 stars 10 forks source link

ENH: comment on SSH_USER variable #28

Closed yarikoptic closed 7 years ago

yarikoptic commented 7 years ago

But FWIW I would like to reiterate that ~/.ssh/config solution is more scalable, e.g. we coud just have

Host datalad-website
   Hostname datalad.org
   Port 22
   User whoever
   # Use whenever behind some weird firewall needing to jump through another host
   #  ProxyCommand ssh -q -A gateway 'nc -w1 %h %p'

thus encapsulating all the knowledge about how to reach datalad-website host via ssh in a single place, possibly tuned for a particular user/network/scenario (easy to define multiple hosts sharing everything but not e.g. Hostname ;))

aqw commented 7 years ago

@yarikoptic Yeah, Michael and I argued about this. .ssh/config has a lot of value, but I just don't use it for situations like this. And I have many users connecting to many machines from my machine (testing, etc). Having a local .ssh/config getting involved is a bad idea in that environment.

As an aside, I see you are using ProxyCommand. Take a look at the new ProxyJump (-J) command/option. It requires a recent OpenSSH client and server (Debian Stretch and later), but is really quite nice.

---Alex

aqw commented 7 years ago

@yarikoptic Thanks for the patch. :-)