Take control of your ssh configuration
Secure Shell (SSH) is an essential tool for managing remote servers and devices. However, it can be painful to look up your different commandline options and make sure you’re not messing up some part of the command. The ssh_config file allows you to streamline and secure your SSH connections by defining reusable settings. We’ll also talk about how we can seamlessly interact with different remote git repo like Github, Gitlab and others.
Table of Contents
- What is SSH Config?
- Basic SSH Config Syntax
- Common SSH Config Directives
- Advanced SSH Configurations
- Applying SSH Config Changes
- Final Thoughts
What is SSH Config?
The ssh_config file is a configuration file for the SSH client that allows you to set defaults for specific hosts, customize authentication methods, and configure connection options. It is found in:
- Per-user configuration:
~/.ssh/config - System-wide configuration:
/etc/ssh/ssh_config
Using this file, you can create short and readable host aliases, specify authentication keys, set ports, and even enable advanced features like proxying through jump hosts.
Basic SSH Config Syntax
Each configuration block begins with a Host directive followed by settings for that host. Example:
Host myserver
HostName example.com
User myuser
Port 2222
IdentityFile ~/.ssh/id_rsa
Now, instead of typing:
ssh -i ~/.ssh/id_rsa -p 2222 myuser@example.com
You can simply run:
ssh myserver
Common SSH Config Directives
Here are some commonly used settings:
| Directive | Description |
|---|---|
Host | Defines a block for specific hosts; wildcards (*, ?) can be used. |
HostName | The actual hostname or IP address to connect to. |
User | Default username for login. |
Port | Specifies the SSH port (default is 22). |
IdentityFile | Defines the SSH private key file to use. |
ForwardAgent | Enables SSH agent forwarding (yes or no). |
ProxyJump | Specifies an intermediate host (jump host) for proxying SSH connections. |
ServerAliveInterval | Sends a keep-alive packet every X seconds. |
ServerAliveCountMax | Number of failed keep-alive responses before disconnecting. |
Advanced SSH Configurations
1. Configuring Github origins
If you connect to multiple remote servers, you can define each one separately:
Host github-work
HostName github.com
User git
IdentityFile ~/.ssh/id_github
Host workserver
HostName 192.168.1.100
User admin
Port 2222
Now, you can connect to GitHub with:
git remote add origin git@github-work:company/ExampleRepo.git
git add .
git commit -m 'message'
git push origin master
And to your work server with:
ssh workserver
You can set up different remotes for different repos.
2. Wildcard Hosts
You can use wildcards to apply settings to multiple hosts:
Host *.example.com
User myuser
IdentityFile ~/.ssh/example_key
This configuration applies to server1.example.com, server2.example.com, etc.
3. Using a Jump Host (ProxyJump)
If a server is only accessible via an intermediate (bastion) host:
Host internal-server
HostName 10.0.0.100
User admin
ProxyJump bastion-host
Now, running:
ssh internal-server
Will automatically route through bastion-host.
4. Disable Strict Host Key Checking
For temporary connections or testing environments:
Host testserver
HostName test.example.com
User testuser
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
This prevents SSH from prompting about host key changes and avoids storing the host key.
Applying SSH Config Changes
After editing ~/.ssh/config, apply changes by running:
ssh -F ~/.ssh/config myserver
Or restart the SSH agent with:
ssh-add -D
Final Thoughts
Using SSH config effectively can save you time, improve security, and simplify managing multiple remote connections. Whether you’re setting up aliases, enabling SSH key authentication, or routing through a jump host, the ssh_config file is an essential tool for any developer or sysadmin.
Start optimizing your SSH workflow today! 🚀