SSH reliability settings

.github/workflows/tests.yml

@@ -798,6 +798,14 @@ jobs:
                 && rm -f "\${tmphosts}" \
                 && getent hosts api.${{ matrix.subdomain }}.${{ matrix.dns_tld }} | grep 127.0.1.1
 
+              sshd -T
+              service ssh restart
+
+          # https://forums.docker.com/t/docker-compose-through-ssh-failing-and-referring-to-docker-example-com/115165/18
+          - path: /etc/ssh/sshd_config.d/00-cloud-init
+            content: |
+              MaxStartups 100:0:100
+
         # cloud-init runs as root
         # (e.g.) https://cloudinit.readthedocs.io/en/latest/reference/merging.html#example-cloud-config
         runcmd:
@@ -839,6 +847,10 @@ jobs:
         aws ec2 wait instance-running --instance-ids "${instance_id}"
         with_backoff aws ec2 wait instance-status-ok --instance-ids "${instance_id}"
 
+        private_ip="$(aws ec2 describe-instances --instance-id "${instance_id}" \
+          | jq -r .Reservations[].Instances[].PrivateIpAddress)"
+        echo "private_ip=${private_ip}" >>"${GITHUB_OUTPUT}"
+
       env:
         ATTEMPTS: 2
         AWS_DEFAULT_REGION: ${{ vars.AWS_REGION || 'us-east-1' }}
@@ -876,10 +888,20 @@ jobs:
         trap 'log_output' EXIT
 
         # https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html
+        mkdir -p "${HOME}/.ssh/controlmasters"
         cat << EOF > "${HOME}/.ssh/config"
+        host *
+            StrictHostKeyChecking no
+            UserKnownHostsFile /dev/null
+
         host i-*
             StrictHostKeyChecking no
             UserKnownHostsFile /dev/null
+            TCPKeepAlive yes
+            ServerAliveInterval 5
+            ControlPath "${HOME}/.ssh/controlmasters/%r@%h:%p"
+            ControlMaster auto
+            ControlPersist 5m
             ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"
         EOF