If you're using ProxyCommand a subsequent match can set "ProxyCommand none" to clear the previous setting. This is useful with wildcards: Host bastion.example.org ProxyCommand none Host *.example.org ProxyCommand ssh bastion.example.org -W %h:%p ProxyJump doesn't have a documented way to accomplish the same effect. If you know that it is currently implemented internally as a shortcut to construct a ProxyCommand you can clear it: Host bastion.example.org ProxyCommand none Host *.example.org ProxyJump bastion.example.org It would be friendlier if ProxyJump supported "none" (currently it just passes that value through as the hostname) for symmetry but in either case the main benefit would probably be documenting this.
Created attachment 3151 [details] Accept ProxyJump=none
Patch is applied and will be in OpenSSH 7.8 - thanks! commit 4b22fd8ecefd059a66140be67f352eb6145a9d88 (HEAD -> master, origin/master, origin/HEAD) Author: djm@openbsd.org <djm@openbsd.org> Date: Tue May 22 00:13:26 2018 +0000 upstream: support ProxyJump=none to disable ProxyJump functionality; bz#2869 ok dtucker@ OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01
Awesome, thanks for the rapid patch!
closing resolved bugs as of 8.6p1 release