Access/ssh-config: generate consistent ssh_config
* Prefer text/template over html/template to avoid unwanted HTML encoding
* Use templated "cfpipe-{{.Hostname}}"
* Fix IdentityFile suffix in "cfpipe" to use key generated by "ssh-gen"
This commit is contained in:
herver
GitHub
parent
babcd9fe2b
commit
d51446d5b1
|
|
@ -3,10 +3,10 @@ package access
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
|
||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
|
"text/template"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
|
||||||
|
|
@ -31,12 +31,12 @@ Add this configuration block to your {{.Home}}/.ssh/config:
|
||||||
|
|
||||||
Host {{.Hostname}}
|
Host {{.Hostname}}
|
||||||
{{- if .ShortLivedCerts}}
|
{{- if .ShortLivedCerts}}
|
||||||
ProxyCommand bash -c '{{.Cloudflared}} access ssh-gen --hostname %h; ssh -tt cfpipe >&2 <&1'
|
ProxyCommand bash -c '{{.Cloudflared}} access ssh-gen --hostname %h; ssh -tt cfpipe-{{.Hostname}} >&2 <&1'
|
||||||
|
|
||||||
Host cfpipe-{{.Hostname}}
|
Host cfpipe-{{.Hostname}}
|
||||||
HostName {{.Hostname}}
|
HostName {{.Hostname}}
|
||||||
ProxyCommand {{.Cloudflared}} access ssh --hostname %h
|
ProxyCommand {{.Cloudflared}} access ssh --hostname %h
|
||||||
IdentityFile ~/.cloudflared/{{.Hostname}}.me-cf_key
|
IdentityFile ~/.cloudflared/{{.Hostname}}-cf_key
|
||||||
CertificateFile ~/.cloudflared/{{.Hostname}}-cf_key-cert.pub
|
CertificateFile ~/.cloudflared/{{.Hostname}}-cf_key-cert.pub
|
||||||
{{- else}}
|
{{- else}}
|
||||||
ProxyCommand {{.Cloudflared}} access ssh --hostname %h
|
ProxyCommand {{.Cloudflared}} access ssh --hostname %h
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue