# vim:ft=sshconfig:

#Host mcrute-virt.sea1.crute.me
#    ConnectTimeout 300
#    IdentitiesOnly no
##    ProxyCommand ~/repos/websocket_proxy/clients/client-linux-amd64 --client-proxy-host=dev.ssh-proxy.crute.me:8070 %h %p %r
#    ProxyCommand ~/repos/websocket_proxy/clients/client-linux-amd64 --client-proxy-host=ssh-proxy.crute.me %h %p %r

Host mcrute-virt mcrute-virt.sea1.crute.me
    User mcrute
    ForwardAgent yes
    DynamicForward 9999
    IdentityFile ~/.ssh/id_rsa.home.pub
    # Tab Opener
    RemoteForward *:1424 localhost:1424
    # Music Ports
    RemoteForward 1234 localhost:1234
    RemoteForward 1235 localhost:1235

Host *.crute.me *.crute.us *.as398223.net
    IdentityFile ~/.ssh/id_rsa.home.pub

# Match 172.16.0.0/12
Host 172.16.* 172.17.* 172.18.* 172.19.* 172.2?.* 172.30.* 172.31.*
    IdentityFile ~/.ssh/id_rsa.home.pub

Host github.com
    IdentityFile ~/.ssh/id_rsa.home.pub

Host gitlab.alpinelinux.org
    IdentityFile ~/.ssh/id_rsa.home.pub

Host *
    ServerAliveInterval 60
    ConnectTimeout 10
    ConnectionAttempts 10
    HashKnownHosts yes

    # Don't offer all agent identities to each host. Requires a matching
    # Host with one or more IdentityFile options specified. These can be
    # a private key or a public key that the agent holds.
    #
    # But... this breaks the ProxyCommand that relies on certificates. Not
    # sure how to remedy that.
    #
    IdentitiesOnly yes

    # Allow SSH-RSA keys for now since so many things (especially network
    # and datacenter gear) still want them and Fedora has disabled them by
    # default.
    PubkeyAcceptedKeyTypes +ssh-rsa
    HostKeyAlgorithms +ssh-rsa

    # Would be nice to one day publish public keys in DNS, but for now this
    # just slows down connections and most hosts aren't published.
    #VerifyHostKeyDNS yes