From fd9e672d28a73c2486a9981874af5c0a97e479e7 Mon Sep 17 00:00:00 2001
From: yeti
Date: Tue, 13 May 2025 08:48:50 +0100
Subject: [PATCH] feat(ssh): use global ssh config
---
ssh/config => 00-allow-git.conf | 5 +++--
ssh/secure-ssh-wrapper.sh | 6 ------
ssh/ssh_blocker.sh | 8 --------
3 files changed, 3 insertions(+), 16 deletions(-)
rename ssh/config => 00-allow-git.conf (68%)
delete mode 100755 ssh/secure-ssh-wrapper.sh
delete mode 100755 ssh/ssh_blocker.sh
diff --git a/ssh/config b/00-allow-git.conf
similarity index 68%
rename from ssh/config
rename to 00-allow-git.conf
index ad15423..10ac1c7 100644
--- a/ssh/config
+++ b/00-allow-git.conf
@@ -1,10 +1,11 @@ - Host alps + HostName %h User git IdentityFile /opt/secure/ssh/id_ed25519 IdentitiesOnly yes StrictHostKeyChecking yes Port 2222 + ProxyCommand none Host * - ProxyCommand /opt/secure/ssh/ssh-blocker.sh %h %p + ProxyCommand /bin/false
diff --git a/ssh/secure-ssh-wrapper.sh b/ssh/secure-ssh-wrapper.sh
deleted file mode 100755
index afed73e..0000000
--- a/ssh/secure-ssh-wrapper.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-if ! /opt/secure/ssh/ssh_blocker.sh "$@"; then
- echo "❌ Restricted access"
- exit 1
-fi
-exec ssh -F /opt/secure/ssh/config -i /opt/secure/ssh/id_ed25519 "\$@"
diff --git a/ssh/ssh_blocker.sh b/ssh/ssh_blocker.sh
deleted file mode 100755
index 2945984..0000000
--- a/ssh/ssh_blocker.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-# Example: block push or connections to some hosts
-
-if [[ "$*" != *"alps"* ]]; then
- exit 1
-fi
-
-exit 0
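Review bot: The `Host *` / `ProxyCommand /bin/false` block in 00-allow-git.conf acts only as a client-side default, not as an enforced restriction. This assumes the file is installed as a system-wide drop-in, which the commit title suggests but the patch does not show. ssh_config uses the first value obtained for each option, and command-line options and the per-user config file are read before the system-wide one. If the intent is that this machine reaches only `alps` over SSH, pair the file with a control the user cannot override, such as an egress firewall rule for the allowed host and port, and say so in a comment above the block, e.g. `# Default only: user config and command-line options take precedence; outbound SSH is restricted by the firewall`. Separately, `HostName %h` expands to the name already given on the command line, so it looks redundant unless it is meant as documentation.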