algo/roles/ssh_tunneling/templates/ssh_config.j2 at fd6efb71f255739c1e50e8222c6c5fab99df5709 - wallenstein/algo - Forgejo

wallenstein/algo

mirror of https://github.com/trailofbits/algo.git synced 2025-04-11 11:47:08 +02:00

Dima Scherbakov fd6efb71f2

ssh_config: ignore pre-existing SSH keys on client (#14646 )

sshd limits the number of authentication attempts permitted per
established connection.
The limit is set via the MaxAuthTries option and defaults to six
attempts.

Client SSH environments that define more than six SSH keys globally or
in the agent would exhaust authentication attempts before they reach the
algo-specified per-instance SSH private key.

SSH client allows "forgetting" existing keys per connection using the
IdentitiesOnly option.
A client only offers an explicitly defined key when this option is set.

2023-09-27 18:15:35 +03:00

8 lines

187 B

Django/Jinja

Raw Blame History

 Host algo
   DynamicForward 127.0.0.1:1080
   LogLevel quiet
   Compression yes
   IdentitiesOnly yes
   IdentityFile {{ item }}.ssh.pem
   User {{ item }}
   Hostname {{ IP_subject_alt_name }}