主机子网的ssh-config

时间:2012-07-17 21:46:38

标签: ssh

所以我的10.10.10.x子网上有一大堆机器,所有这些机器基本上都以相同的方式配置。我将这些与我的10.10.11.x子网上的机器区分开来,这些机器用于不同的目的。

我希望能够键入'ssh 10.x'连接到10.网络上的计算机,输入'ssh 11.x'连接到11网络上的计算机。

我知道我可以设置单个机器以允许访问完整的ip,或者在我的〜/ .ssh / config中使用这样的速记版本:

Host 10.10.10.11 10.11
HostName 10.10.10.11
User root

对于我网络上的很多主机,这可能会非常重复,所以我的问题是,有没有办法将此指定为整个子网的模式,如:

Host 10.10.10.x
User root

Host 10.x
HostName 10.10.10.x
User root

由于

3 个答案:

答案 0 :(得分:18)

此行将提供所需的功能:

Host 192.168.1.*
IdentityFile KeyFile

如果您尝试连接其IP位于此子网中的服务器,则可以建立ssh连接。

答案 1 :(得分:13)

从Manpage:

 A pattern consists of zero or more non-whitespace characters, ‘*’ (a
 wildcard that matches zero or more characters), or ‘?’ (a wildcard that
 matches exactly one character).  For example, to specify a set of decla‐
 rations for any host in the “.co.uk” set of domains, the following pat‐
 tern could be used:

       Host *.co.uk

 The following pattern would match any host in the 192.168.0.[0-9] network
 range:

       Host 192.168.0.?

 A pattern-list is a comma-separated list of patterns.  Patterns within
 pattern-lists may be negated by preceding them with an exclamation mark
 (‘!’).  For example, to allow a key to be used from anywhere within an
 organisation except from the “dialup” pool, the following entry (in
 authorized_keys) could be used:

       from="!*.dialup.example.com,*.example.com"

所以你可以使用host 10.*

答案 2 :(得分:-1)

对于任何ec2实例IP地址,请像ssh 13.236.179.67一样进行连接,自动将用户作为ec2-user和密钥文件。

Host *.*.*.* IdentityFile ~/.ssh/key.pem CheckHostIP no PasswordAuthentication no User ec2-user UserKnownHostsFile /dev/null StrictHostKeyChecking no