12

I'm SSH'ing into multiple datacenters that are setup identically. Each datacenter has a jumpbox, and behind that there's access to various db servers etc.

It's a pain to manually specify entries for all these servers, when they're almost identical across datacenters, other than the jumpbox IP. So I'd like to set my .ssh/config file so that I can type datacenter_name-server_behind_jumpbox and have SSH grab the datacenter_name off the front of the host (so that I can re-use it in the ProxyCommand.

For example, if I want to access the Maria server in datacenter1, I'd create an SSH entry for the jumpbox called datacenter1. Then for the Maria server behind it, I'd setup something like:

Host %dc%-maria Hostname maria User jeff ProxyCommand ssh -q -W %h:%p %dc

That way I only need to setup a single entry for each type of server that's located behind the jumpbox, and it automatically knows which datacenter jumpbox to hit.

Is something like this possible?

Improve this question
2
  • You can use glob-style patterns (eg Host *-maria), but there does not appear to be a way to capture the matching part of the hostname for use in the configuration. Commented May 9, 2016 at 20:36
  • 1
    Related: serverfault.com/q/26422/115583 Commented Dec 23, 2019 at 14:26

3 Answers 3

Reset to default
7

I add a fake suffix to the hostname with different proxy hosts

Host *.dc1 ProxyCommand ssh -q %r@dc1 -W %h:%p Host *.dc2 ProxyCommand ssh -q %r@dc2 -W %h:%p

Then do something like ssh server1.dc1 and it will use the proxy host.

You can add Host entries for custom settings like this:

Host server1.* User jeff
Improve this answer
6

I'm in a similar situation and doing something like this:

# configuration for the datacenter, can add entries for each datacenter Host datacenter_name HostName <datacenter_ip> User <datacenter_user> IdentityFile <datacenter_keyfile> # usage match: datacenter_name-server_behind_jumpbox Host *-* User <server_behind_jumpbox user> IdentityFile <server_behind_jumpbox keyfile> Port <server_behind_jumpbox port> ProxyCommand ssh $(echo %h | cut -d- -f1) nc $(echo %h | cut -d- -f2) %p"

Of course you could also do something more like you described

# usage match: datacenter_name-maria, specify one for each server Host *-maria User <maria user> IdentityFile <maria keyfile> Port <maria port> ProxyCommand ssh $(echo %h | cut -d- -f1) nc $(echo %h | cut -d- -f2) %p"
Improve this answer
5

You can run a script as a custom ProxyCommand and do your works before the real ProxyCommand:

.ssh/config:

Host *-maria Hostname maria User jeff ProxyCommand /bin/datacenter_ssh.sh %h %p

datacenter_ssh.sh:

#!/bin/bash COMBINED=$1 DATACENTER=$(echo $COMBINED | cut -d'-' -f1) SERVER=$(echo $COMBINED | cut -d'-' -f2) PORT=$2 ssh -q -W $SERVER:$PORT $DATACENTER
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.