feat(ssh): use global ssh config

2025-05-13 08:48:50 +01:00 · 2025-05-13 08:48:50 +01:00 · fd9e672d28
commit fd9e672d28
parent c67ce5e7e4
3 changed files with 3 additions and 16 deletions
--- a/00-allow-git.conf
+++ b/00-allow-git.conf
@ -1,10 +1,11 @@
-
 Host alps
+    HostName %h
    User git
    IdentityFile /opt/secure/ssh/id_ed25519
    IdentitiesOnly yes
    StrictHostKeyChecking yes
    Port 2222
+    ProxyCommand none

 Host *
-    ProxyCommand /opt/secure/ssh/ssh-blocker.sh %h %p
+    ProxyCommand /bin/false
--- a/ssh/secure-ssh-wrapper.sh
+++ b/ssh/secure-ssh-wrapper.sh
@ -1,6 +0,0 @@
-#!/bin/bash
-if ! /opt/secure/ssh/ssh_blocker.sh "$@"; then
-  echo "❌ Restricted access"
-  exit 1
-fi
-exec ssh -F /opt/secure/ssh/config -i /opt/secure/ssh/id_ed25519 "\$@"
--- a/ssh/ssh_blocker.sh
+++ b/ssh/ssh_blocker.sh
@ -1,8 +0,0 @@
-#!/bin/bash
-# Example: block push or connections to some hosts
-
-if [[ "$*" != *"alps"* ]]; then
-  exit 1
-fi
-
-exit 0