所以我的10.10.10.x子网上有一大堆机器,所有这些机器基本上都以相同的方式配置。我将这些与我的10.10.11.x子网上的机器区分开来,这些机器用于不同的目的。
我希望能够键入'ssh 10.x'连接到10.网络上的计算机,输入'ssh 11.x'连接到11网络上的计算机。
我知道我可以设置单个机器以允许访问完整的ip,或者在我的〜/ .ssh / config中使用这样的速记版本:
Host 10.10.10.11 10.11
HostName 10.10.10.11
User root
对于我网络上的很多主机,这可能会非常重复,所以我的问题是,有没有办法将此指定为整个子网的模式,如:
Host 10.10.10.x
User root
Host 10.x
HostName 10.10.10.x
User root
由于
答案 0 :(得分:18)
此行将提供所需的功能:
Host 192.168.1.*
IdentityFile KeyFile
如果您尝试连接其IP位于此子网中的服务器,则可以建立ssh连接。
答案 1 :(得分:13)
从Manpage:
A pattern consists of zero or more non-whitespace characters, ‘*’ (a
wildcard that matches zero or more characters), or ‘?’ (a wildcard that
matches exactly one character). For example, to specify a set of decla‐
rations for any host in the “.co.uk” set of domains, the following pat‐
tern could be used:
Host *.co.uk
The following pattern would match any host in the 192.168.0.[0-9] network
range:
Host 192.168.0.?
A pattern-list is a comma-separated list of patterns. Patterns within
pattern-lists may be negated by preceding them with an exclamation mark
(‘!’). For example, to allow a key to be used from anywhere within an
organisation except from the “dialup” pool, the following entry (in
authorized_keys) could be used:
from="!*.dialup.example.com,*.example.com"
所以你可以使用host 10.*
答案 2 :(得分:-1)
对于任何ec2实例IP地址,请像ssh 13.236.179.67一样进行连接,自动将用户作为ec2-user和密钥文件。
Host *.*.*.*
IdentityFile ~/.ssh/key.pem
CheckHostIP no
PasswordAuthentication no
User ec2-user
UserKnownHostsFile /dev/null
StrictHostKeyChecking no