If you're managing multiple servers, typing out full SSH commands with usernames, IP addresses, and specific keys can become tedious. Let's explore how to use SSH config to make your server connections simpler and more efficient.
Understanding SSH Config
The SSH config file lets you create shortcuts for your SSH connections. Instead of typing:
ssh -i ~/.ssh/staging_key [email protected] -p 2222
You can simply type:
ssh staging
Setting Up Your SSH Config
- Create or open your SSH config file:
nano ~/.ssh/config
- Set the file permissions (if it's a new file):
chmod 600 ~/.ssh/config
Basic Configuration Examples
Here's a simple configuration for a single server:
Host webserver
HostName 203.0.113.1
User admin
Port 22
IdentityFile ~/.ssh/id_rsa
Now you can connect by simply typing:
ssh webserver
Advanced Configuration Examples
Multiple Servers with Different Settings
# Production Server
Host prod
HostName 203.0.113.1
User produser
Port 22
IdentityFile ~/.ssh/prod_key
# Staging Server
Host staging
HostName 203.0.113.2
User stageuser
Port 2222
IdentityFile ~/.ssh/staging_key
# Development Server
Host dev
HostName 203.0.113.3
User devuser
IdentityFile ~/.ssh/dev_key
Using Wildcards
Connect to multiple servers with similar patterns:
# All development servers
Host dev-*
User developer
IdentityFile ~/.ssh/dev_key
Port 22
# Matches dev-01, dev-02, etc.
Host dev-01
HostName 203.0.113.11
Host dev-02
HostName 203.0.113.12
Useful SSH Config Options
Connection Settings
Host myserver
HostName 203.0.113.1
User admin
Port 22
IdentityFile ~/.ssh/custom_key
AddKeysToAgent yes
ForwardAgent yes
Compression yes
Keeping Connections Alive
Host *
ServerAliveInterval 60
ServerAliveCountMax 5
TCPKeepAlive yes
Jump Hosts (Bastion Servers)
Host private-server
HostName 10.0.0.5
User admin
ProxyJump bastion
IdentityFile ~/.ssh/private_key
Host bastion
HostName 203.0.113.1
User jumpuser
IdentityFile ~/.ssh/bastion_key
Best Practices
-
Organization
- Group related hosts together
- Use comments to document configurations
- Keep sensitive production configs separate
-
Security
- Use specific IdentityFile for each server
- Avoid using passwords when possible
- Set proper file permissions (600)
-
Default Settings
Host *
UseKeychain yes
AddKeysToAgent yes
IdentitiesOnly yes
HashKnownHosts yes
Practical Use Cases
Development Environment
# Local Development VMs
Host dev-vm
HostName localhost
User developer
Port 2222
StrictHostKeyChecking no
# GitHub
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/github_key
AddKeysToAgent yes
Cloud Servers
# AWS Servers
Host aws-*
User ec2-user
IdentityFile ~/.ssh/aws_key
# Digital Ocean Droplets
Host do-*
User root
IdentityFile ~/.ssh/do_key
Troubleshooting Tips
-
Connection Issues
- Use
-vflag for verbose output:ssh -v myserver - Check file permissions
- Verify IdentityFile paths
- Use
-
Config File Not Working
- Ensure correct file permissions (600)
- Check syntax and indentation
- Verify file location (~/.ssh/config)
Advanced Features
Multiplexing Connections
Host *
ControlMaster auto
ControlPath ~/.ssh/sockets/%r@%h-%p
ControlPersist 600
Different Keys for Different Ports
Match host * port 2222
IdentityFile ~/.ssh/special_key
Conclusion
A well-organized SSH config file can significantly streamline your server management workflow. Start with basic configurations and gradually add more advanced features as needed.
Remember to keep your SSH keys secure and regularly update your configurations to reflect your current server infrastructure.
Need help optimizing your server connections? Feel free to reach out to our support team.