I would like to propose that we configure SSH with a wildcard instead of individual host names. For example:

coder.*  ProxyCommand coder %h

And inssh.go we trim out thecoder. prefix.

Mainly, this is to support the IDEs. VS Code already does this with a specialvscodessh sub-command but I think we should roll that up intossh, then JetBrains can also benefit.

The main reason is that the IDEs support connecting to anyone's workspace (for admins). That means potentially hundreds of SSH config entries, and potentially hundreds of calls to template resources, since that has to bedone for every workspace, at least the ones that are off, to get the agent names.

It would eventually remove the need for the Gateway and VS Code plugins to implement their own versions ofconfig-ssh as they currently do, but this would need one more tweak to include the deployment URL in the host (for examplecoder-vscode.dev.coder.com--* is generated by the VS Code plugin).

It would eliminate the resource fetch loop inconfig-ssh as well.

As one data point, I tested with 138 off workspaces and configuring SSH took 20 seconds.

Alternatives:

• A separateidessh sub-command that does this, maybe just renamevscodessh and add a deprecated alias, but I believe it also has some VS Code-specific logic that would need to be figured out.
• Gate it behind flags (config-ssh --wildcard andssh --wildcard or some such).
• Skip changingconfig-ssh for now, and addssh --strip-prefix=coder-vscode.dev.coder.com-- or some such flag to at least allow the IDEs to configure their own wildcard host.
• From the IDEs, we could instead do some inline shell magic to strip out the prefix, but I am not sure what Windows support looks like.

coder-vscode.dev.coder.com--*  ProxyCommand coder $(echo "%h" | sed 's/coder-vscode.dev.coder.com--//')

Edit: I presented the prefix flag as an alternative, but actually no matter what we will need a prefix flag forssh because we want unique hosts for the plugins so they can add different SSH configuration if necessary (for example the session type env var, although that is deprecated). I also learned thatconfig-ssh already has anssh-prefix-host flag, so it makes sense to add that same flag tossh. Then we can useProxyCommand coder ssh --ssh-prefix-host coder-gateway.dev.coder.com. %h and emit a single wildcard entry in the plugins.

I think we should still eventually changeconfig-ssh to use wildcards, and switch the plugins to useconfig-ssh instead of replicating that effort, but that can be done later.