CIQ
HomeCIQ BlogRocky Linux

How to Use SSH Config Files for More Efficient (and Easier) Remote Logins

How to Use SSH Config Files for More Efficient (and Easier) Remote Logins
the CIQ TeamJune 18, 2024

Most casual SSH users know how to do the basics: ssh 192.168.1.1 or ssh user@example.com. As they do more with SSH over time, they end up with too many hostnames, usernames, and IP addresses to memorize. Thankfully, there’s an easier way with custom SSH configs.

SSH config files give you all the productivity benefits of remote server administration without the cognitive overload. They’re super helpful for sysadmins who log in to a variety of web, database, app, and utility servers on a daily basis. And they’re helpful for everyday casual users, too.

These files configure the behavior of SSH and are very simple to use. They make your SSH world go faster and they reduce the amount of typing (especially those frustrating fat-fingered password failures).

This guide is going to teach you how to use config files to specify:

We’re a Rocky Linux shop, so all our examples assume you’re using Rocky on your client and server machines. If you’re using another Linux (or *nix OS, like macOS), some implementation details may differ.

SSH config file locations

SSH reads configuration files from the following directories (in this specific order):

  • The global configurations found in /etc/ssh/ssh_config
  • Configuration files found in ~/.ssh/ssh_config
  • The command line

You can set global SSH configurations, per-user configurations, or a combination of the two. We're going to focus on the per-user configurations, which are found in ~/.ssh/ssh_config.

One thing to keep in mind is these files are created and housed on the client machines, not the server.

Creating your SSH config file

To make use of an SSH config file, you first have to create it. Log in to your client machine (or any machine you wish to configure) as the user in question and create the file ~/.ssh/ssh_config

Let's say you have other servers with the following configurations:

  • Web server at IP address 192.168.1.10 with user penguin
  • Web server at IP address Example Domain with user linux
  • Docker dev machine at IP address 192.168.1.111 with user builder
  • MySQL server at IP address 192.168.1.45 with user bunchy that uses SSH key ~/.ssh/bunchy_key

Let's create configurations for each of those. The basic layout of each configuration looks like this:

Host NICKNAME
  Hostname SERVER
  User USERNAME
  OTHER OPTIONS

Where NICKNAME is the nickname you'll use for the server, SERVER is the IP address or hostname for the remote server, USERNAME is the username on the remote machine, and OTHER OPTIONS are various options available for configuration.

For example, your file might look like this:

Host web1
  Hostname 192.168.1.10
  User penguin

Host web2
  Example Domain 
  User linux

Host dockerdev
  Hostname 192.168.1.111
  User builder
  Port 2022

Host dbase
 Hostname 192.168.1.45
  User bunchy
  IdentityFile ~/.ssh/bunchy_key
  PubKeyAuthentication yes

If you want to connect to the first web server (“web1”), issue the command ssh NICKNAME like this:

ssh web1

The other machines could be reached via the following commands:

ssh web2

ssh dockerdev

ssh dbase

Configuring global options

You can also configure global options in the per-user configuration files. Say, for example, you log in with the same username on each of the servers on the 192.168.1.x network (but it's not the same username on the local machine). For that, you could add two lines at the top of the file that would look something like this:

Host 192.168.1.*
  User penguin

You could configure the individual remote machine as needed, but not have to worry about the User option. So your configurations would look like this:

Host web1
  Hostname 192.168.1.10

Host web2
  User linux
  Example Domain 

Host dockerdev
  Hostname 192.168.1.111
  Port 2022

Host dbase
  Hostname 192.168.1.45
  IdentityFile ~/.ssh/bunchy_key
  PubKeyAuthentication yes

Notice that we added the User option for web2. Since that entry isn't on the 192.168.1.x network, the global configuration lines at the top of the file won't apply.

There are plenty more options that can be configured in your SSH client config files. You should check out the official documentation for more detailed information, but we’ll list some of the more interesting ones here:

  • X11 forwarding and agent forwarding
  • Port forwarding
  • Public key authentication
  • Certificate-based authentication
  • Address binding
  • Connection attempts and timeouts
  • Protocol settings
  • RSA authentication

Use SSH config files to speed up your daily work

SSH config files can significantly improve your remote login experience and increase your productivity. Centralizing your configurations can streamline your workflows and reduce the likelihood of errors. Plus, it’s just plain ol’ fun.

If you want to see more tutorials like this, just let us know. We like writing them! Send us an email at info@ciq.com.

Related posts

2023 Holiday Gift Guide for Rocky Linux Users

2023 Holiday Gift Guide for Rocky Linux Users

Dec 19, 2023

Rocky Linux

Why Rocky Linux Is a Rock-Solid Choice in an Economic Downturn

Why Rocky Linux Is a Rock-Solid Choice in an Economic Downturn

Jan 18, 2023

Rocky Linux

6 Signs That It's Time to Move to Rocky Linux

6 Signs That It's Time to Move to Rocky Linux

Feb 23, 2023

Rocky Linux

123
39
>>>