###
### Version vom 29. November 2025 (1)
###
# XY_hostname
#
# X is user
#   a admin
#   A andre
#   c conetadm
#   g andregeissler
#   n ansible
#   r root
#
# Y is network
#   l LAN
#   v VPN
#

# read config from bottom up
# that means higher options overwrites lower ones

Host jj
 HostKeyAlias                     jj
 User                             conetadm
Host jjj
 HostKeyAlias                     jjj
 User                             andre

Host ?l_jj ?d_jj svn_jj
 HostKeyAlias                     jj
 Hostname                         jj

Host ?l_jjj
 HostKeyAlias                     jjj
 Hostname                         jjj

Host ?l_mc
 HostKeyAlias                     mc
 Hostname                         195.20.133.87

Host ?l_server
 HostKeyAlias                     server
 Hostname                         192.168.100.5

Host ?l_tux
 HostKeyAlias                     tux
 Hostname                         192.168.100.100

Host ?l_nas nas synology 192.168.100.250
 HostKeyAlias                     nas
 ForwardX11                       no
 Hostname                         192.168.100.250

Host vesta
 User                             root
Host ?l_vesta vesta
 HostKeyAlias                     vesta
 Hostname                         vesta.agserver.de
 Port                             2222

Host vesta.hosting-ffm.de
 User                             conetadm
 ProxyCommand                     ssh -qW %h:%p jj

Host supnas01
 User                             hohenschutz_sftp
 HostKeyAlgorithms                +ssh-rsa


Host tinyca2
 User                             conetadm
 Hostname                         conlxtinyca2
 RemoteCommand                    tinyca2
 #screen -UDr

Host conlxxontro02 192.168.212.112
 HostKeyAlgorithms                +ssh-rsa
 ProxyCommand                     none

Host slc-1 slc-2
 HostKeyAlgorithms                +ssh-rsa
 User                             sysadmin

Host switch-labor-*
 HostKeyAlgorithms                +ssh-rsa
 User                             conetadm

Host conlxxontro02 conlxcert02 conmail* declx* conlxtiny*
 User                             conetadm

Host *.conet-services.de
 User                             ansible
 ProxyCommand                     ssh -qW %h:%p jj

Host conpve*
 User                             root

Host bitlx*
 User                             conetadm

Host conlxobs1
 ProxyCommand                     None

Host sophos-*
 User                             admin

Host con* conlx* conmail*
 HostName                         %h
 Port                             22
 User                             ansible
 IdentityFile                     ~/.ssh/ansible_id_rsa
 HostKeyAlgorithms                +ssh-rsa
 #ProxyCommand                     ssh -qW %h:%p jj
 UserKnownHostsFile               /dev/null

#Host switch-admin-*
## Zeile notwendig wenn in Admin Umgebung
# ProxyCommand                     none
## In Finance Umgebung muss Proxy 'jj' genutzt werden
# ProxyCommand                     ssh -qW %h:%p jj
## ssh admin:HOSTNAME@switch-admin-con<1|2>
## 1. Login auf Avocent admin/avocent
##    Verbindung auf Konsole dort
## 2. Login auf Gerät ageissler/

Host switch-* router-* asa-* sophos-*
 HostName                         %h
 Port                             22
 User                             ageissler
 PreferredAuthentications         keyboard-interactive,password
 KbdInteractiveAuthentication     yes
 PasswordAuthentication           yes
 Ciphers                          +aes128-cbc,aes256-cbc,aes192-ctr
 KexAlgorithms                    +diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
 HostKeyAlgorithms                +ssh-rsa
 ForwardX11                       no
 ProxyCommand                     ssh -qW %h:%p jj

Host gitlab.rproxy.conet-services.de
 User                             ageissler
 HostName                         gitlab.rproxy.conet-services.de
 IdentityFile                     ~/.ssh/id_ed25519
 IdentitiesOnly                   yes

# set username
Host a?_*
 User                             admin
Host A?_*
 User                             andre
Host c?_*
 User                             conetadm
Host g?_*
 User                             andregeissler
Host r?_*
 User                             root
Host R?_* svn_*
 User                             rancid
Host n?_*
 User                             ansible
Host ??_*
 User                             unknown_user
Host 10.99.0.120
 PreferredAuthentications keyboard-interactive,password

# set general settings
Host *
 User                             andre
 PreferredAuthentications         publickey,keyboard-interactive,password
 StrictHostKeyChecking            no
 HashKnownHosts                   no
 #UserKnownHostsFile               /dev/null
 IdentityFile                     ~/.ssh/id_ed25519
 IdentityFile                     ~/.ssh/ansible_id_rsa
 CheckHostIP                      no
 ForwardX11                       yes
 NoHostAuthenticationForLocalhost yes
 ServerAliveInterval              60
 ServerAliveCountMax              2