Many servers have different IP addresses, and different canonical DNS entries, depending on which side of the (NAT) firewall you are connecting from. It would be nice to have a single Host entry in the ssh/config file that would cope with multiple hostname alternatives, and try first one, then the other. eg:

    Host example1
        Hostname example1
        Hostname example1.no-ip.org
        Port 2222

What this should do is allow me to type "ssh example1" and then:

* If I am at home, inside my NAT firewall, it should try to connect to the machine named "example1" (according to the DNS entry in my broadband router).
* If I am away at work, it should connect to the FQDN at no-ip.org, on the port 2222.

The reason this is useful is when setting up connections for less technical users. For example, having done this, it's then possible to enable, say, SFTP within Nautilus, and have it work whether the laptop is inside or outside the home network. Otherwise, one must have multiple different entries that are context-dependent.

Thanks for your consideration.
You can do this by putting multiple addresses for the host in question in /etc/hosts or in the DNS.
> you can do this by putting multiple addresses for the host in question
> in /etc/hosts or in the DNS

Sadly this only works if one has sufficient control. After all, if one can control DNS satisfactorily, the issue doesn't arise. But from the SSH user's perspective, he cannot necessarily alter the DNS.

However, in the worst case, all we have are two (or more) host-names, maybe or not fully-qualified, and where, depending on where the laptop is (and what DHCP/DNS server is answering), either, both or neither of these is the right machine.

I can achieve what I want from a bash alias quite easily, but this isn't helpful when stacking things like nautilus bookmarks on top of ssh. Eg:

    alias ssh_mydesktop='{ fping -q internal_hostname && ssh internal_hostname; } ||
        { fping -q external_hostname && ssh external_hostname; } ||
        { echo Sorry, unreachable either way; }'

(This approach is also brittle, if I am outside my own firewall, and "internal_hostname" coincides with an entry that happens to be valid in the external DNS server.)
I've used a ProxyCommand to do this kind of thing, eg:

    Host example1
        ProxyCommand ~/bin/multiconnect %h %p

then have whatever logic you like in the shell script and use netcat or similar to actually make the connection:

    #!/bin/sh
    # ssh expands %h and %p on the ProxyCommand line only; the script
    # receives them as $1 (host) and $2 (port).
    if ifconfig eth0 | grep -q '192\.168\.0\.'
    then
        exec nc 192.168.0.1 "$2"
    else
        exec nc example1.no-ip.org "$2"
    fi
In fact you can implement the exact semantics you're after with a ProxyCommand (and different ports too):

    Host example1
        ProxyCommand sh -c "(nc example1 22 || nc example1.no-ip.org 2222) 2>/dev/null"
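
Added example, not part of the original thread or of OpenSSH: a version of the ProxyCommand helper discussed above that generalises it to an ordered list of host:port candidates, with a connect timeout and input checks. The script name follows the comment above; the `PROBE` and `PROBE_TIMEOUT` variables and the assumption that the local `nc` supports `-z` and `-w` are mine.

```shell
#!/bin/sh
# multiconnect (added example): ProxyCommand helper that tries host:port
# candidates in order. Assumed ~/.ssh/config usage:
#   Host example1
#       ProxyCommand ~/bin/multiconnect example1:22 example1.no-ip.org:2222

# Assumption: the installed nc supports -z (probe only) and -w (timeout in s).
probe() {
    nc -z -w "${PROBE_TIMEOUT:-2}" "$1" "$2" >/dev/null 2>&1
}

# Print the first reachable candidate. PROBE may name a replacement probe
# command (hypothetical hook, used for offline testing).
pick_target() {
    for cand in "$@"; do
        host=${cand%:*}
        port=${cand##*:}
        # Skip malformed entries: no colon, empty host, a host that nc
        # would parse as an option, or a non-numeric port.
        case "$cand" in *:*) ;; *) continue ;; esac
        case "$host" in ''|-*) continue ;; esac
        case "$port" in ''|*[!0-9]*) continue ;; esac
        if "${PROBE:-probe}" "$host" "$port"; then
            printf '%s\n' "$cand"
            return 0
        fi
    done
    return 1
}

# Act as the proxy only when candidates are given on the command line.
if [ "$#" -gt 0 ]; then
    target=$(pick_target "$@") || {
        echo "multiconnect: no candidate reachable" >&2
        exit 1
    }
    exec nc "${target%:*}" "${target##*:}"
fi
```

Because ssh still treats `example1` as the host name, both paths are checked against the same known_hosts entry. Once the real server's key is recorded, a different machine that happens to answer to the internal name on another network fails host key verification.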
The host resolution code is already extremely fiddly, so adding this would make it IMO too complex to maintain, sorry.
Close all resolved bugs after 7.3p1 release