Mastering ssh With The Config File

A guide to mastering the .ssh/config file for streamlined SSH connections, showcasing tips, examples, and advanced features.

Today, we're diving into one of the most underrated power tools in your tech arsenal: the SSH configuration file. Whether you're juggling multiple servers, tired of typing the same long commands, or just curious about what this file can do, you're in the right place. By the end of this post, you'll be wielding SSH like a pro!

What is SSH, and Why the .ssh/config File?

SSH (Secure Shell) is the gateway to managing remote servers securely. Normally, connecting to a remote server means typing out a lengthy command like this:

ssh user@192.168.1.10 -p 2222 -i /path/to/key

Tedious, right? That's where the .ssh/config file comes to the rescue. It lets you define reusable configurations for your SSH connections, turning the command above into something as simple as:

ssh myserver

Sounds cool? Let's configure it!

Setting Up Your .ssh/config File

Here's what we're gonna do:

  1. Locate or create the .ssh/config file.
  2. Define custom connection profiles.
  3. Test and tweak as needed.

Step 1: Locate or Create the File

The .ssh/config file lives in your home directory. If it doesn't exist yet, no worries—we'll create it.

cd ~/.ssh
nano config

Note: Make sure the .ssh directory and the config file have proper permissions:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/config

Step 2: Define Connection Profiles

Let's make your life easier by adding custom profiles. Here's a simple example:

Host myserver
    HostName 192.168.1.10
    User user
    Port 2222
    IdentityFile ~/.ssh/id_rsa

What's Happening Here?

  • Host: A nickname for your connection. Use it when running the ssh command.
  • HostName: The server's address (IP or domain).
  • User: Your login username.
  • Port: The SSH port (default is 22).
  • IdentityFile: Path to your SSH private key.

See the ssh_config(5) man page for the key definitions.

Step 3: Test Your Connection

Save the file, then test your shiny new setup:

ssh myserver

Hey presto! If everything is configured correctly, you'll connect without typing the long-winded command.

Warning: If you're having trouble, double-check the file permissions and paths.
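
The warning above points at permissions and paths. The shell functions below are an added example, not part of the original post: they check the modes from the Step 1 note and that every IdentityFile listed in the config exists and is closed to group and others. The names audit_ssh_dir, expect_mode, mode_of and report, and the optional HOME_DIR argument, are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original post): audit an SSH client directory for
# loose permissions and for IdentityFile paths that do not exist.

FINDINGS=0
report() { echo "$1"; FINDINGS=$((FINDINGS + 1)); }

# Octal permission bits of a path: GNU stat first, BSD/macOS stat as fallback.
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# expect_mode PATH PATTERN: report PATH if it is missing or its mode does not
# match the shell pattern (700, 600, or ?00 for "no group/other access").
expect_mode() {
    [ -e "$1" ] || { report "$1: missing"; return 0; }
    got=$(mode_of "$1")
    case $got in
        $2) ;;
        *) report "$1: mode $got, expected $2" ;;
    esac
}

# audit_ssh_dir [HOME_DIR]: one finding per line; returns 0 only when clean.
# HOME_DIR (default $HOME) is a hypothetical parameter so a copy can be tested.
audit_ssh_dir() {
    home=${1:-$HOME}
    cfg="$home/.ssh/config"
    FINDINGS=0
    expect_mode "$home/.ssh" 700      # values from the chmod note in Step 1
    expect_mode "$cfg" 600
    [ -f "$cfg" ] || return 1
    # Keywords are case-insensitive and may use "Key=value"; quoted paths,
    # paths with spaces and %-tokens are not handled here.
    keys=$(awk '{ sub(/=/, " ") } tolower($1) == "identityfile" { print $2 }' "$cfg")
    for key in $keys; do
        case $key in "~/"*) key=$home/${key#"~/"} ;; esac
        expect_mode "$key" '?00'      # ssh refuses keys others can access
    done
    [ "$FINDINGS" -eq 0 ]
}

# Usage after sourcing this file: audit_ssh_dir   (checks $HOME/.ssh)
```

An empty output and exit status 0 mean the directory, the config file and every referenced key passed.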

Advanced .ssh/config Features

Feeling adventurous? Here are some pro-level tricks:

1. Wildcard Hosts

Got multiple servers with similar patterns? Use wildcards:

Host server-*
    User admin
    IdentityFile ~/.ssh/admin_key

Now, ssh server-1 or ssh server-2 will automatically apply this config.

2. ProxyJump (Jump Hosts)

Need to connect through an intermediate server? Use ProxyJump:

Host internal-server
    HostName 10.0.0.5
    User user
    ProxyJump gateway-server

This connects to internal-server via gateway-server. No manual tunneling needed!

3. Example: Using a Jump Host for a Remote Database

This example configures network-local-db as a jump host to access a database on another network:

Host network-local-db
    HostName 192.168.0.11
    User user
    IdentityFile ~/.ssh/db_key
    LocalForward 3306 10.66.4.22:3306

What's Happening Here?

  • LocalForward: Listens on localhost:3306 and forwards each connection through the SSH session to 10.66.4.22:3306, as reached from the jump host, making the private database accessible locally.

To test it, simply run:

ssh network-local-db

Connect to a database on localhost:3306 and the data will be proxied through to the database in the private network.

4. Example: Running a Local Command After Login

Here's how you can run a command to update a login log file after connecting:

Host log-updater
    HostName 192.168.0.12
    User user
    PermitLocalCommand yes
    LocalCommand echo "Login on $(date)" >> ~/ssh_login.log

What's Happening Here?

  • PermitLocalCommand: Enables the use of LocalCommand.
  • LocalCommand: Appends the login time and date to a local log file (~/ssh_login.log).

To test it, run:

ssh log-updater

After connecting, check the contents of ~/ssh_login.log to verify the update.

Conclusion

Congratulations, you've just unlocked the magic of the .ssh/config file! No more repetitive typing, no more juggling keys and ports. Whether you're managing a single server or an entire fleet, this file streamlines your workflow and saves you precious time.

So, go ahead and start experimenting. Add your favourite servers, try out wildcards, or dive into advanced features like ProxyJump. The sky's the limit!