On Mon, Sep 22, 2014 at 09:46:56PM +0100, steve-ALUG@hst.me.uk wrote:
These mean that I can enter 'ssh chris' from outside and it does all the work for me. However it also means that 'ssh chris' when I'm on the LAN also goes via cheddar.halon.org.uk because of the 'Host chris' line in the config file.
Another alternative, inside the LAN, just use ssh chris
for outside the lan, create a bash script and call it sshchris2.sh or something short and snappy. put all your commands in that. Then if you at home just do ssh chris, away from home just sshchris2. Simple Sorted?
Yes, I considered this. It would be pretty easy to invent two names for my machine 'chris' and use one from outside and the other on the LAN.
I am just trying for perfection such that I can 'ssh chris' from anywhere! :-)
I think I have done it now with the following in my ~/.ssh/config file:-
Host halon HostName cheddar.halon.org.uk
Match host chris exec "hostNotLocal chris" ProxyCommand ssh cheddar nc -q0 zbmc.eu 22
... plus the script hostNotLocal which returns true if a host can't be found on the local LAN. Thus what happens when I enter 'ssh chris' is that the Match line looks to see if it can see 'chris' (that hostNotLocal just uses a ping), if it *can* see 'chris' then the ProxyCommand *doesn't* happen and the 'ssh chris' simply connects to the local 'chris'. On the other hand if 'chris' isn't there then the ProxyCommand does its work and my two stage login is done.
Yes, I know it's quite complicated in a way but it does make my life a little simpler. :-)