Stop ssh config on first match
I have a added a local proxy for all my hosts in my .ssh config, however I want to shell into my local vm without the proxy command. Output of my ssh attempt:
debug1: /Users/bbarbour/.ssh/config line 1: Applying options for local.dev
debug1: /Users/bbarbour/.ssh/config line 65: Applying options for *
Given the following ssh config how do I prevent the ProxyCommand from being applied to the local.dev entry?
Host local.dev
HostName dev.myserver.com
User developer
...
Host *
ProxyCommand /usr/local/bin/corkscrew 127.0.0.1 8840 %h %p
You can exclude local.dev from ProxyCommand, using ! before it:
Host * !local.dev
ProxyCommand /usr/local/bin/corkscrew 127.0.0.1 8840 %h %p
From ssh_config documentation:
If more than one pattern is provided, they should be separated by whitespace.
A pattern entry may be negated by prefixing it with an exclamation mark (`!’). If a negated entry is matched, then the Host
entry is ignored, regardless of whether any other patterns on the
line match. Negated matches are therefore useful to provide
exceptions for wildcard matches.
The documentation also said:
For each parameter, the first obtained value will be used. The
configuration files contain sections separated by “Host”
specifications, and
that section is only applied for hosts that match one of the patterns
given in the specification. The matched host name is the one given on
the command line.
So, you can also disable ProxyCommand for local.dev by override value that you have defined in Host *:
Host local.dev
HostName dev.myserver.com
User developer
ProxyCommand none
An option in the config file is applied the first time it matches. Since you don’t have any ProxyCommand in the host entry, the one in your * entry will be used.
There are two ways to get around this:
- For the hosts where you don’t want to use the proxy command, simply add the line
ProxyCommand none
- For the
*entry, note specifically that the entry should not apply to the hostlocal.devby negating it with a!
Host !local.dev *