I have a number of local domains in my resolv.conf search order. I would very much like to forward SSH agent by default when I connect to an unqualified (without DNS suffix) hostname. The best I've been able to come up with is something like the following in ~/.ssh/config:
Host *.edu
ForwardAgent no
Host *.com
ForwardAgent no
Host *.net
ForwardAgent no
Host *.org
ForwardAgent no
Host *
ForwardAgent yes
Along with listing known suffixes for edu/com/net/org that I do still want to forward to, such as .srv.example.com.
For a site that has a host naming prefix convention (such as fc-* for fedora systems), a simple wildcard entry matches them, but that doesn't work for generic or non-prefixed names.
Is there any better way to do this than the above ugly hack?
It's simple:
The first line basically matches everything containing at least one
.and since the first match counts, the broader patter in the next line never gets evaluated. Obviously, you would put specific hosts above all this.