As a SysAdmin I connect to a lot of different hosts using SSH. Some of them are configured to use non-standard ports, some require X11 forwarding, and all of them use a different set of ssh keys for security reasons. I used to find myself typing long commands just to connect to a server. Something like this usually.

ssh -p 2222 -i ~/.ssh/id_fenrir_rsa -X fenrir

The above command connects me on non-default port 2222, specifies which identity file to use, and enables X11 forwarding to a host server named fenrir. I could set up an alias for every server, but there is a better way to handle this. This is where a per host ssh configuration comes in handy.

Introduction

Basically any configuration option that you can put into /etc/ssh/ssh_config you can put into the user specific configuration file at ~/.ssh/config. You can save all your hosts in a single file and then just use ssh <hostname> to connect with all the host specific configuration options.

So, let’s use my ssh command above that connects to the server called fenrir as an example. We will assume that I already created the ssh keys and transferred them to the server.

Create User Specific Configuration File

To start, we will create a new file ~/.ssh/config and open it in our favorite editor (vim for me) and add the following lines.

Host fenrir
IdentityFile ~/.ssh/id_fenrir_rsa
IdentitiesOnly yes
ForwardX11 yes
Port 2222

Set Permissions

Save the file and set the permissions:

$ chmod 600 config

Testing Per User Configuration File

Now when we want to connect to fenrir, all we have to type is “ssh fenrir”.

$ ssh fenrir
Last login: Tue Jan 22 22:06:13 2019 from putor
[[email protected] ~]$

Configurations for Multiple Hosts

You can set as many hosts as you like in the configuration file, and even add comments to help as notes. To add a second host, just open the file and insert another host declaration.
NOTE: These settings will only be used for the user creating this file.

# Fenrir - Red Hat Satellite Server
Host fenrir
IdentityFile ~/.ssh/id_fenrir_rsa
IdentitiesOnly yes
ForwardX11 yes
Port 2222
# Umbria - Red Team Server
Host Umbria
IdentityFile ~/.ssh/id_umbria_rsa
IdentitiesOnly yes
Port 2020

To see a full list of options you can set see the ssh_config man page.

Conclusion

This will allow you to set seperate configurations for each host that are specific to your user. If you are connecting to hosts with different options often, this could be a huge time saver.

Work smarter not harder.

Resources