Simplify ssh config and use it everywhere

metal-stack · Aug 1, 2024 · 6326c3c · 6326c3c
1 parent 0e7c0a8
commit 6326c3c
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 14 deletions.
diff --git a/Makefile b/Makefile
@@ -54,8 +54,8 @@ up: env control-plane-bake partition-bake
 # without restarting the metal-core
 # TODO: should be investigated and fixed if possible
 	sleep 10
-	ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o "PubkeyAcceptedKeyTypes +ssh-rsa" root@leaf01 -i files/ssh/id_rsa 'systemctl restart metal-core'
-	ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o "PubkeyAcceptedKeyTypes +ssh-rsa" root@leaf02 -i files/ssh/id_rsa 'systemctl restart metal-core'
+	ssh -F files/ssh/config leaf01 'systemctl restart metal-core'
+	ssh -F files/ssh/config leaf02 'systemctl restart metal-core'
 
 .PHONY: restart
 restart: down up
@@ -160,11 +160,11 @@ docker-leaf02:
 
 .PHONY: ssh-leaf01
 ssh-leaf01:
-	ssh -o StrictHostKeyChecking=no -o "PubkeyAcceptedKeyTypes +ssh-rsa" -i files/ssh/id_rsa root@leaf01
+	ssh -F files/ssh/config leaf01
 
 .PHONY: ssh-leaf02
 ssh-leaf02:
-	ssh -o StrictHostKeyChecking=no -o "PubkeyAcceptedKeyTypes +ssh-rsa" -i files/ssh/id_rsa root@leaf02
+	ssh -F files/ssh/config leaf02
 
 ## MACHINE MANAGEMENT ##
 

diff --git a/files/ssh/config b/files/ssh/config
@@ -1,17 +1,14 @@
-Host leaf01
-    HostName leaf01
-    User root
+Host *
+    User metal
     IdentityFile files/ssh/id_rsa
     PasswordAuthentication no
     StrictHostKeyChecking no
     UserKnownHostsFile /dev/null
     PubkeyAcceptedKeyTypes +ssh-rsa
 
-Host * !leaf01
-    User metal
-    IdentityFile files/ssh/id_rsa
-    PasswordAuthentication no
-    StrictHostKeyChecking no
-    UserKnownHostsFile /dev/null
+Host leaf*
+    User root
+
+Host fe80::*
     # bash could be replaced with ncat, but it is not preinstalled on Cumulus
     ProxyCommand ssh -q -F files/ssh/config leaf01 'sudo ip vrf exec default bash -c "exec 3<>/dev/tcp/%h/%p; cat<&0 >&3 & cat<&3 >&1"'
diff --git a/test/integration.sh b/test/integration.sh
@@ -46,6 +46,6 @@ echo "Test connectivity to outside"
 make connect-to-cloudflare
 
 echo "Test connectivity from outside"
-ssh -o StrictHostKeyChecking=no -o "PubkeyAcceptedKeyTypes +ssh-rsa" -i files/ssh/id_rsa metal@203.0.113.130 -C exit
+ssh -F files/ssh/config 203.0.113.130 -C exit
 
 echo "Successfully started mini-lab"