Fix SSH setup for CERN

author: Timo Wilken 2023-02-22 11:27:14 +0100
committer: Timo Wilken 2023-03-04 19:23:26 +0100
commit: 10a57d33d08d2c71518d70ab3d3f3b6303d9a4b2 (patch)
tree: 0b0f537d661f642e234acdb7eff1e2140e935271 /tw/home.scm
parent: c609ea215989fe2bbf87552c543a317f26fe6a49 (diff)
1 files changed, 8 insertions, 15 deletions
diff --git a/tw/home.scm b/tw/home.scm
index 6968ae98..7112dcf0 100644
--- a/tw/home.scm
+++ b/tw/home.scm
@@ -186,15 +186,10 @@ auto-expand-secmem
      (home-openssh-configuration
       (hosts
        ;; Earlier rules take precedence over later ones.
-       `(,(openssh-host (name "*.srcf.net") (user "tw466"))
-         ;; My own machines
-         ,@(map make-own-ssh-host (map car %ssh-ports) (map cdr %ssh-ports))
-         ,@(map make-own-ssh-host (map (compose wireguardify car) %ssh-ports) (map cdr %ssh-ports))
-         ,(openssh-host (name "*.fritz.box") (proxy-command "ssh -W '[%h]:%p' lud.twilken.net"))
-         ;; Git hosts
+       `(;; Git hosts
          ,@(map (lambda (host) (openssh-host (name host) (user "git")))
-                '("github.com" "ssh.github.com" "bitbucket.org"))
-         ,(openssh-host (name "gitlab.cern.ch") (port 7999) (user "git") (proxy-command "none"))
+                '("github.com" "ssh.github.com"))
+         ,(openssh-host (name "gitlab.cern.ch") (port 7999) (user "git"))
          ;; BitBucket apparently only supports ssh-rsa.
          ,(openssh-host
            (name "bitbucket.org")
@@ -203,16 +198,14 @@ auto-expand-secmem
          ;; CERN stuff
          ,(openssh-host
            (name "lxplus.cern.ch")
-           (proxy-command "none")    ; avoid ProxyJump loops
            (extra-content "GSSAPIDelegateCredentials yes"))   ; needed for EOS home mount
          ,(openssh-host
            (name "cvmfs-alice.cern.ch")
            (extra-content "GSSAPIDelegateCredentials yes"))   ; needed for EOS home mount
          ,(openssh-host
-           (name "twilkendesktop.cern.ch")
-           (port 22022)
-           (forward-x11? #t)
-           (extra-content "GSSAPIDelegateCredentials yes"))
+           (name "tw-mailproc.cern.ch")
+           (user "root")
+           (identity-file "~/.local/share/ssh-keys/openstack_personal_id_rsa"))
          ,@(map (lambda (spec)
                   (openssh-host (name (car spec)) (user (cdr spec))
                                 (identity-file "~/.local/share/ssh-keys/alicern_id_rsa")))
@@ -225,12 +218,12 @@ auto-expand-secmem
                   ("alimesos*.cern.ch" . "root")
                   ("alientest*.cern.ch" . "root")
                   ("aliflow*.cern.ch" . "root")
-                  ("alijenkins*.cern.ch" . "root")))
+                  ("alijenkins*.cern.ch" . "root")
+                  ("arm-builder-*" . "centos")))
          ,(openssh-host
            (name "*.cern.ch")
            (user "twilken")
            (identity-file "~/.local/share/ssh-keys/cern_id_rsa")
-           (proxy-command "ssh -W '[%h]:%p' -l twilken lxplus.cern.ch")
            (extra-content  "\
   # Kerberos authentication
   GSSAPIAuthentication yes
author	Timo Wilken	2023-02-22 11:27:14 +0100
committer	Timo Wilken	2023-03-04 19:23:26 +0100
commit	10a57d33d08d2c71518d70ab3d3f3b6303d9a4b2 (patch)
tree	0b0f537d661f642e234acdb7eff1e2140e935271 /tw/home.scm
parent	c609ea215989fe2bbf87552c543a317f26fe6a49 (diff)