On my work laptop, if I need to SSH to a non-work machine, I need to go through a proxy server, but only when I’m on the work network (either in the office or on the VPN). I do this by setting a ProxyCommand line in my SSH config file. When I’m not in the office or on the WAN, though, I don’t want to use the proxy. Is there an easy way to automate the decision to use or not use the proxy?
In your .ssh/config use the Match keyword to create a conditional section.
The Match keyword takes different arguments, one of them is exec which will allow you to run an external command and use the return value of that command to decide whether this section applies or not.
You can use that to run a script that inspects whatever network settings you can use to tell the difference between the different networks. The script needs to return 0 when a ProxyCommand is needed and any non-zero value when a ProxyCommand is not needed.
Here is an example of what the config could look like:
Match host external-host.example.com exec /home/joe/bin/need-proxy
ProxyCommand /home/joe/bin/proxy-script %h %p