babbarc/workspaces
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ssh): use global ssh config

Browse Source
This commit is contained in:
yeti 2025-05-13 08:48:50 +01:00
parent c67ce5e7e4
commit fd9e672d28
3 changed files with 3 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssh/config → 00-allow-git.conf
View File

@ -1,10 +1,11 @@
Host alps Host alps
HostName %h
User git User git
IdentityFile /opt/secure/ssh/id_ed25519 IdentityFile /opt/secure/ssh/id_ed25519
IdentitiesOnly yes IdentitiesOnly yes
StrictHostKeyChecking yes StrictHostKeyChecking yes
Port 2222 Port 2222
ProxyCommand none
Host * Host *
ProxyCommand /opt/secure/ssh/ssh-blocker.sh %h %p ProxyCommand /bin/false

6
ssh/secure-ssh-wrapper.sh
View File

@ -1,6 +0,0 @@
#!/bin/bash
if ! /opt/secure/ssh/ssh_blocker.sh "$@"; then
echo "❌ Restricted access"
exit 1
fi
exec ssh -F /opt/secure/ssh/config -i /opt/secure/ssh/id_ed25519 "\$@"

8
ssh/ssh_blocker.sh
View File

@ -1,8 +0,0 @@
#!/bin/bash
# Example: block push or connections to some hosts
if [[ "$*" != *"alps"* ]]; then
exit 1
fi
exit 0