gaschz/dotfiles
1
0
Fork 0
mirror of https://github.com/gaschz/dotfiles.git synced 2025-03-01 14:22:33 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: SSH proxy in Qubes for offline clients

Browse Source
This commit is contained in:
Ben Grande 2024-06-13 15:45:37 +02:00
parent 87b196b3d4
commit 09bb64f652
No known key found for this signature in database
GPG Key ID: 00C64E14F51F9E56
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
files/ssh/.ssh/config
View File

@ -1,7 +1,9 @@
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
# vim: ft=sshconfig
## Security configuration is enforced.
Host *
## Distrust the remote
ForwardX11 no
@ -19,6 +21,17 @@ Host *
Ciphers aes256-gcm@openssh.com
MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
## Load host configuration.
UserKnownHostsFile ~/.ssh/known_hosts.d/%k.host ~/.ssh/known_hosts.d/%h.host
Include ~/.ssh/config.d/*.conf
# vim: ft=sshconfig
## Recommended configuration at last.
Host *
## Connectivity
ControlMaster auto
ControlPath ~/.ssh/control.d/%r@%h:%p
ControlPersist 60s
## Only try fancy Qubes proxy if qube has compatible service enabled.
Match Exec "test -f /var/run/qubes-service/qusal-proxy-client"
ProxyCommand qrexec-client-vm @default qusal.ConnectTCP+%h+%p

0
files/ssh/.ssh/control.d/.gitignore vendored Normal file
View File