# WMF Labs Host gerrit gerrit.wikimedia.org Hostname gerrit.wikimedia.org Port 29418 User IdentityFile Host bastion.wmflabs.org ProxyCommand none ControlMaster no Host *.wmflabs *.wmflabs.org User IdentityFile IdentitiesOnly yes Host *.wmflabs ProxyCommand ssh -a -W %h:%p bastion.wmflabs.org # WMF Prod Host bast1001.wikimedia.org ProxyCommand none ControlMaster no Host *.eqiad.wmnet *.codfw.wmnet *.wikimedia.org !gerrit.wikimedia.org User IdentityFile IdentitiesOnly yes ProxyCommand ssh -a -W %h:%p bast1001.wikimedia.org # Use strong ciphers when connecting to WMF servers Host *.wmnet *.wmflabs *.wikimedia.org !gerrit.wikimedia.org Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 # Global defaults Host * ForwardAgent no ForwardX11 no Protocol 2,1 ControlMaster auto ControlPath ~/.ssh/sockets/%C KeepAlive yes ServerAliveInterval 60 PreferredAuthentications publickey