Confirmed users
67
edits
Buildduty/day 1 checklist: Difference between revisions
Changed the Jumphost config file, based on recommendations from Dragos Crisan
(→Mailing lists: added puppet, taskcluster, and buildduty mail groups) |
(Changed the Jumphost config file, based on recommendations from Dragos Crisan) |
||
| Line 59: | Line 59: | ||
example ssh config: | example ssh config: | ||
# Ensure KnownHosts are unreadable if leaked - it is otherwise easier to know which hosts your keys have access to. | |||
HashKnownHosts yes | |||
# Host keys the client accepts - order here is honored by OpenSSH | |||
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 | |||
Host hg.mozilla.org git.mozilla.org | |||
User dlabici@mozilla.com | |||
Compression yes | |||
ServerAliveInterval 300 | |||
Host *.mozilla.com | |||
User dlabici | |||
IdentityFile ~/.ssh/id_rsa_mozilla_2017-05-12 | |||
Compression yes | |||
ServerAliveInterval 300 | |||
Host *.build.mozilla.org | |||
Compression yes | |||
User cltbld | |||
ServerAliveInterval 300 | |||
Host rejh?.srv.releng.????.mozilla.com | |||
ControlMaster auto | |||
ControlPath ~/.ssh/ssh-%C | |||
ControlPersist 10m | |||
ForwardAgent no | |||
Host .releng.mdc1.mozilla.com !rejh?.srv.releng.mdc1.mozilla.com !.private.releng.????.mozilla.com | |||
ProxyCommand ssh -W %h:%p rejh1.srv.releng.mdc1.mozilla.com | |||
Host .releng.us??.mozilla.com .releng.scl3.mozilla.com !rejh?.srv.releng.????.mozilla.com !*.private.releng.scl3.mozilla.com | |||
# !rpmpackager1.srv.releng.use1.mozilla.com | |||
ProxyCommand ssh -W %h:%p rejh1.srv.releng.scl3.mozilla.com | |||
== Buildduty LDAP groups == | == Buildduty LDAP groups == | ||