Hi,
We have a requirement to pass for example, -o “RemoteForward 8080 host.behind.the.firewall.com:80” to some hosts so that the host can reverse tunnel to some private resources on our local network. For example we use a private git repo that is not publicly accessible, yet we need to use it deploy to public-facing hosts.
Currently it seems to be an all-or-nothing configuration, as its only in ansible.cfg**,** as part of ssh_args.
I guess its OK to have it there in all SSH connections to all hosts, but if there’s any way to do this on a per-host basis, perhaps through another setting or by using local .ssh_config file for example, that would be great.
Thanks so much
Steve
For most configuration items, take a look in the docs about “host_vars/” and “group_vars/” directories.
They are quite awesome for applying variables at host and group var level.
You can’t currently set this on a per host basis, but I’m open to making it possible.
In the meantime, yes, local .ssh_config files for SSH are used, so that’s an option of where to set it per host.
Clarification: they are used for the “-c ssh” connection type.
This is the default on all platforms except RHEL/CentOS 6 and earlier, which have an old SSH, and can’t benefit from the (very useful) ControlPersist speedups.
You could still manually pick this in your ansible.cfg, though I’d recommend enabling pipelining as you’ll have to turn ControlPersist off.