- Use SSH Config File to Manage SSH Connections to Various Remote Servers
- Using SSH config file for easily connecting to remote servers
- Step 1: Create the SSH config file
- Step 2: Add an SSH profile in the config file
- Step 3: Adding multiple profiles in SSH config file
- Order of the SSH configuration
- There’s a lot more to SSH config
- How to use SSH config file
- Prerequisites
- Common SSH configuration options
- SSH Client Config Files
- Create User Specific SSH Configuration File
- Run the SSH command for different hosts
- Conclusion
- About the author
- Fahmida Yesmin
Use SSH Config File to Manage SSH Connections to Various Remote Servers
Using SSH profiles can help you in cases where you regularly connect to various servers. No need to remember the IP address and other such details for SSH connection.
If you are even a tad bit familiar with SSH, you know that you can use it to connect to remote Linux systems.
Using SSH to connect to remote system is simple. All you need to do is to use a command like this:
This connects to the default SSH port 22. You may specify the port as well if you want.
Now this is all plain and simple if you just have one server. Even if you don’t remember the server’s IP address, you can perform a reverse search to the history using the famous terminal keyboard shortcut Ctrl+R and find the SSH command you used in the past.
But things get complicated when you have several servers to manage. I have around ten servers that I connect to from time to time. Some are production servers and some are test servers.
Now keeping a track of these servers is not easy. Even if I can find the SSH commands from the history, it is difficult to guess which IP belongs to which server.
Of course, I can open my dashboards on Linode, UpCloud, DigitalOcean and Google Cloud to get the IP or keep a list on my local system.
A better and easier way is to use SSH config file.
Using SSH config file for easily connecting to remote servers
The SSH config file allows you to create different profiles for different host configurations. There is no limit to such profiles and you may add as many as possible.
So, if you connect to multiple remote systems via SSH, creating SSH profiles will be a good move to save your time.
Let me show you how to use it.
Step 1: Create the SSH config file
When you install SSH, you’ll have a ~/.ssh directory created automatically. This direct contains your public key, private key a known_hosts file. Your config is also stored here.
At least on Ubuntu, the SSH config file is not created by default. You can easily create this file using the touch command like this:
Step 2: Add an SSH profile in the config file
Now that you have the SSH config file, you can edit it using Vim or Nano. Let me show you an example of the syntax which you should follow.
Let’s say you connect to a server with IP 275.128.172.46. Your username is Alice and the server is used for hosting your website. To harden SSH security, you use port 1500 instead of the default SSH port 22.
You can add all this information in the following manner in your ~/.ssh/config file:
Host website Hostname 275.128.172.46 User alice Port 1500
Just save the information in the file. No need to restart any service.
Now, instead of writing a long command like this:
You can just use this command (tab completion works as well):
When you run the above command, ssh looks for a Host named website in the ~/.ssh/config. If it finds a host with that name, it gets all the information related and used it for making an SSH connection.
You might wonder about a few things, so I’ll mention it here:
- There is no space or tab indention restriction while entering the host information. Space or tab indention are used for making the config file easily understandable.
- The Hostname can be the IP address of the server or a hostname that can be resolved on your network.
- All the parameters like hostname, user and port are optional. However, I personally advise keeping at least hostname because that’s what you need (and you forget) most of the time.
- If your SSH config file is wrongly configured, it will result in an error when you try to use it for SSH connection.
- You cannot save passwords in SSH config. I advise adding your public SSH key to the server for easy access.
Step 3: Adding multiple profiles in SSH config file
The previous step gave you an idea about how to add an SSH profile. Let’s take it to the next step by adding multiple profiles in it.
Here’s what the SSH config file looks like now:
Host website Hostname 275.128.172.46 User alice Port 1500 Host forum-server Hostname 275.128.172.47 User alice Host main-server Hostname 275.128.172.49 Host common-test-server Hostname test-server Host * User root
This time, I have added four different SSH profiles in it.
Did you notice the Host * entry at the end of the file? You can use this entry to for adding a parameter common to all profiles if that parameter hasn’t been mentioned for the profile explicitly.
So if I try to use the main-server SSH profile, it will automatically take root user.
ssh main-server = ssh [email protected]
Order of the SSH configuration
The ssh configuration follows the following order:
- command-line options
- user’s configuration file (~/.ssh/config)
- system-wide configuration file (/etc/ssh/ssh_config)
This means that the priority is given to the command you enter and then it looks into ~/.ssh/config and then in /etc/ssh/ssh_config.
So, if you want to override a profile, you can do that using the -o option of the ssh command.
For example, if I use this command:
It will take user bob instead of the user alice as defined in the ~/.ssh/config (in the previous step).
There’s a lot more to SSH config
To be honest, there is so much more to SSH config file that cannot be covered in a single article. You can use name/IP matching, subnets and what not.
The scope of this article was to introduce you to SSH config and help you create SSH profiles for easily connecting to various remote Linux systems.
You can always refer to the man page of ssh_config to know more about the parameters you can use while creating your SSH config file.
I hope this SSH tip was helpful to you. If you already use SSH config file and have a some nifty tip with you, do share it with the rest of us in the comment section.
How to use SSH config file
When the user needs to access the remote servers frequently using SSH protocol, then the user will require to remember the IP addresses, usernames, different port numbers, and command-line options. But it is not an efficient way to do the tasks. This problem can be solved in multiple ways. The user can create the alias command of the bash for the remote connection that is easier to remember. Another solution is to create an SSH config file for each user to save the different SSH options for the different remote systems. The use of SSH config files for accessing the remote servers regularly have shown in this tutorial.
Prerequisites
Before starting the steps of this tutorial, the following steps will be required to complete.
Enable the SSH service on Ubuntu if it is not enabled before.
Generate the SSH Key pairs to execute the commands in the remote server. Run the following command to create the public key and the private key. The private key will be stored in the remote server, and the public keys will be stored in the client securely.
Run the following command to open the sshd_config file using nano editor to add some necessary configurations.
Add the following lines in the file to enable the root login and password-based authentication.
Run the following command to restart the SSH service.
Common SSH configuration options
Different configuration options can be set in the config file of the client machine for different purposes. Some of the useful options have explained in the following table.
Option | Purpose |
---|---|
HostName | It is used to define the hostname or IP address of your remote server. If the host identifier defines the original hostname, then it is not required to set. |
User | It is used to set the username of the remote server. |
Port | It is used to define the port number that is used for listening to the server connection. The default port number is 22. |
Compression | The compression will be used if it is set to yes. The default value of this option is no. |
ForwardX11 | It is used to redirect the X11 connection automatically over the secure channel and the DISPLAY set. The value of this option can be yes or no. The default value is no. |
IdentityFile | It is used to specify the public key path that the SSH client will use for authentication. |
LogLevel | It is used to define the verbosity level that is used when logging messages from ssh. The values of this option can be QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default value is INFO. |
ServerAliveCountMax | It is used to set the number of server alive messages. |
ServerAliveInterval | It is used to set the timeout interval in seconds, after which if no response has been received from the server. The default value of this option is 0, which means no message will be sent to the server. |
SSH Client Config Files
You can use the default client-side configuration file to set up config values, and the file path is /etc/ssh/ssh_config. It contains the settings that are applicable for all users of the SSH client. But if you want to apply the setting for the particular user, it is better to use the custom configuration file applicable to that user. How to use a custom client-side config file has been shown in the next part of this tutorial.
Create User Specific SSH Configuration File
Create a folder named .ssh inside the home directory of the client user and create a configuration file named config with the following content inside this folder. Here, three types of hosts have been defined. The first host is ‘fahmida,’ and the hostname is ‘Yasmin. It will connect to the SSH server using the default port, 22. The second host is ‘fahmida.com.bd,’ and the hostname is an IP address. The value of the ForwardX11 is set to ‘yes’ for the second host, which means it will automatically redirect the X11 connection over the secure channel. The parameters of the third host are defined for all hosts. The IP address values, port number, IndentityFile, compression, ServerAliveInterval, and ServerAliveCountMax parameters have been defined in the third host. The IdentifyFile parameter has defined the location of the public key. The compression parameter has been defined to compress the data. ServerAliveInterval and ServerAliveCountMax parameters have been defined to increase the SSH connection time.
Host fahmida
HostName Yasmin
Host fahmida.com.bd
HostName 10.0.2.15
ForwardX11 yes
Host *
User Ubuntu
HostName 10.0.2.15
Port 22
IdentityFile ~/.ssh/id_rsa
Compression yes
ServerAliveInterval 60
ServerAliveCountMax 20
Run the SSH command for different hosts
Run the following ssh command to connect with the host, ‘fahmida,’ and the hostname, ‘Yasmin. Here, the -i option has been used with the ssh command to mention the path of the public key.
The following output will appear if the SSH connection is established properly with the server.
Run the following ssh command to connect with the host, ‘fahmida,’ and the IP address. Here, the -i option has been used with the ssh command to mention the path of the public key, and the -p option has been used to define the port number.
The following output will appear if the SSH connection is established properly with the server.
Run the following ssh command without any option to connect with the host, ‘fahmida,’ and the hostname, ‘fahmida.com.bd.’
The following output will appear if the SSH connection is established properly with the server.
Conclusion
Using the custom SSH config file for making an SSH connection with the server has been shown in this tutorial by using the local host of the two accounts. You can follow the same process to make an SSH connection with the host of the remote network.
About the author
Fahmida Yesmin
I am a trainer of web programming courses. I like to write article or tutorial on various IT topics. I have a YouTube channel where many types of tutorials based on Ubuntu, Windows, Word, Excel, WordPress, Magento, Laravel etc. are published: Tutorials4u Help.