vtk sock setup should use Include instead of "I own your ssh config file now" #23

Open
td-usds opened this issue Oct 5, 2021 · 5 comments

td-usds commented Oct 5, 2021

vtk socks setup insists on taking full and complete ownership over the content in your ~/.ssh/config file.
It will blow away your existing configuration (if you have one - and back it up to config.bak, sure) and replace it with its own content during setup.

Instead, the tool should:

  1. Dump its precious cargo (what currently goes in the ssh config file) in ~/.ssh/config-va.gov
  2. Grep the current ssh config file for Include config-va.gov
    1. If found: do nothing
    2. If not found: append it to the file
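
One way to implement the steps td-usds proposes, as an added shell example that is not vtk's code; the function names `ensure_ssh_include` and `has_global_include` and the demo hosts are assumptions made for illustration. It prepends the `Include` line instead of appending it, because ssh_config(5) treats an `Include` that follows a `Host` or `Match` block as part of that block, so an appended line would only take effect when the last block matches.

```shell
#!/bin/sh
# Added example, not vtk's code. The demo paths and fragment body are constructed.

# Succeeds only if the exact Include line appears before the first Host/Match
# block, which is where ssh applies it unconditionally.
has_global_include() {   # $1 = config file, $2 = Include line
    [ -f "$1" ] || return 1
    awk -v want="$2" '
        BEGIN { rc = 1 }
        { kw = tolower($1) }
        kw == "host" || kw == "match" { exit }
        $0 == want { rc = 0; exit }
        END { exit rc }
    ' "$1"
}

# Write the tool-owned fragment (body on stdin) and make sure the user's
# config includes it, leaving every existing line in place.
ensure_ssh_include() {   # $1 = ssh dir, $2 = fragment file name
    ssh_dir=$1 fragment=$2
    config="$ssh_dir/config" include_line="Include $fragment"
    ( umask 077; mkdir -p "$ssh_dir" && cat > "$ssh_dir/$fragment" ) || return 1

    # Already included globally: do nothing, so re-running setup is safe.
    if has_global_include "$config" "$include_line"; then return 0; fi

    # Prepend through a temp file in the same directory, then rename into place.
    tmp=$(mktemp "$ssh_dir/config.XXXXXX") || return 1
    {
        printf '%s\n\n' "$include_line"
        if [ -f "$config" ]; then cat "$config"; fi
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$config"
}

# Demo against a scratch directory, never the real ~/.ssh.
demo_dir=$(mktemp -d)
printf 'Host github.com\n  IdentityFile ~/.ssh/id_ed25519\n' > "$demo_dir/config"
printf 'Host *.example.internal\n  User constructed-user\n' |
    ensure_ssh_include "$demo_dir" config-va.gov
cat "$demo_dir/config"
rm -rf "$demo_dir"
```

Because ssh uses the first value it obtains for each option, a fragment included at the top takes precedence over any later `Host *` defaults, so the fragment should scope its settings to the tool's own hosts.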

@rmtolmach
Contributor

+1

I don't necessarily mind my ssh config being overwritten, but I would have liked to have been notified about the .bak file. I was surprised when a git clone failed and had to do some digging to figure out what happened. A log line after this line would work.

ph-One commented Mar 15, 2022

Along the same lines as @td-usds, but instead use `Include config.d/*` and place the vtk config into `~/.ssh/config.d/[vtk-socks.conf]`.

@rsmithadhoc

+1

I added my thoughts for docs improvements but this could also be addressed in vtk: department-of-veterans-affairs/va.gov-team#38410

### Description

- _"You can configure connecting to GitHub via SSH instead if you prefer."_
    - While that is true and it links to GitHub's guide, the SOCKS setup overrides `~/.ssh/config`, so if you previously set up GitHub SSH, it will need to be re-added to this file. [GitHub - Generating a new SSH key and adding it to the ssh-agent](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#adding-your-ssh-key-to-the-ssh-agent). Instead of `Host *`, you can use `Host github.com` to limit it to GitHub connections.
        ```
        Host github.com
        AddKeysToAgent yes
        UseKeychain yes
        IdentityFile ~/.ssh/id_ed25519
        ```
    - Alternatively, the script that modifies `~/.ssh/config` could be changed to append to that file instead of overwriting it and not use `Host *` for its SSH key, so any previous SSH keys added for GitHub remain and still work.

### Relevant URLs

https://depo-platform-documentation.scrollhelp.site/getting-started/Internal-tools-access-via-SOCKS-proxy.1821081710.html

@jilladams

+1 to rmtolmach's comment above. Without knowing this had happened, took a while to figure out why my Git permissions weren't working, after running vtk.

@LouisFettet

+1 as well; unless you're running this on a brand new machine, it's going to cause some grief.

Also, the default setup here for Macs seems to prefer using Keychain, whereas I use 1Password to manage my SSH keys. I wouldn't expect vtk to account for this, but it would be nice to have some additional instructions on how to handle migrating things out of Keychain and into a different manager (if I have time I might write up something after I get things working the way I'd like).
