In this tutorial, we will learn How to Use the SSH Configure File to store the server details:
If you’re regularly using the SSH command to connect multiple remote systems or servers.
It’s very difficult, or we can say it’s nearly impossible to remember all IP addresses, Usernames, Non-standard ports of all remote servers.
To overcome this we can create a bash alias for each remote server one by one but still, this method is not useful if you want to add multiple bash alias for multiple remote servers. However, there is a much better and simpler option for this problem. SSH provides a facility to create a configuration file for each user to store different remote server details to log in.
You need a Linux or a macOS with OpenSSH client installed.
SSH Config File Location
OpenSSH client-side configuration file is named with
config and stored in
.ssh directory, under the user’s home directory.
~/.ssh directory is automatically created when the user runs the
ssh command for the first time in the system. If you are unable to find this Directory, create it using the below command:
mkdir -p ~/.ssh && chmod 700 ~/.ssh
By default, the SSH configuration file does not exist, so you need to create the file using the below command:
Set the file permission to readable and writable only for users and others who can’t access this file:
chmod 600 ~/.ssh/config
SSH Config File Structure and Patterns
The structure of SSH configuration is as below:
host hostname A OPTION value OPTION value host hostname B OPTION value host * OPTION value
The SSH client configuration file is in Stanzas (sections). Each section points to a host which has some option values like port number, user, etc. These Options establish the connection with the remote SSH server.
It is recommended to use Indentation (Space after every stanza), to make the file easier to read.
Host can contain one pattern or a whitespace-separated list of patterns. Each pattern can contain a zero or more non-whitespace character or one of the following pattern specifiers:
*– It indicates all or a fixed range in the host. For example If we use
Host *it will select all the available host. If we want to select a range in the IP address then we use
187.123.0.*, it will select the range 0 to 255 IP addresses.
?– It indicates a fixed match or value. For example, we want
0-20range in an IP address
187.123.0.[0-20], It will select 0-20 IP addresses
!– Exclude a match or value. For example
187.123.0.*, we have to select a pool of /24 IP but need to exclude one IP address
187.123.0.* ! 188.8.131.52
SSH client reads the configuration file section by section, if multiple patterns are found then it will give priority to the first one. Most of the specific declarations must be given at the beginning of the file.
If you want to know the full list of available ssh options by typing
man ssh_config in your terminal or for more detailed information visit the ssh_config page.
SSH config file is also read by the other programs such as
SSH Config File Example
We have to connect to a server as a user named
Linuxpanda to called
Linuxpanda.com on port
4324 form the terminal:
ssh [email protected] -p 4324
We can also access the server with the config file, just enter the above details in
"~/.ssh/config the file.
Host Linux HostName Linuxpanda.com User Linuxpanda Port 4324
Now whenever we type
ssh Linux It will establish a connection with the server.
Shared SSH Config File Example
In the below example, we will learn more detailed information about the host pattern and option precedence.
Let’s check the examples:
Host Hunter HostName 184.108.40.206 User centos Port 7654 IdentityFile ~/.ssh/Hunter_Private.key Host Test1server HostName 192.168.10.20 Host Test2server HostName 192.168.10.50 Host * !Test2server LogLevel INFO Host *server user Alex Host * User root Compression yes
- When we type
ssh Hunterin the terminal, ssh will read the file and apply the option form the First match
Host Hunter, then it will search for the another match that is
Host * !Debianand include it. The next match will be
Host *, it will include only the
Compressionpart because it already has the
Userpart from the
HostName 220.127.116.11 User centos Port 7654 IdentityFile ~/.ssh/Hunter_Private.key LogLevel INFO Compression yes
- When we type
ssh Test1server, the matched will be
Host * !Debian,
HostName 192.168.10.20 user Alex LogLevel INFO Compression yes
- When we type
ssh Test2server, the matched will be
HostName 192.168.10.50 user Alex Compression yes
- All other SSH Host or Login will include
Host * !Test2server,
Host *in their details if not mentioned in the command like user, port, compression.
Override SSH Config File Option
The SSH client reads the configuration according to the priority order.
- SSH Options specified from the command line (First Priority)
- Defined in the
- SSH Options defined in the
If we want to override any option, then we can mention that option in the command. For example, the following details:
Host Hunter HostName Linuxpanda.com User centos Port 7654
We want to include all the details except the User then we have to specially mention the user in the command:
ssh -o "User=root" Hunter
SSH command also allows an option to specify an alternative per-user configuration file with the help of
-F [config file].
If we want to ignore all the options specified in the config file then use:
ssh -F /Hunter/null [email protected]
In this tutorial, we have explained how to configure ssh config file as per the requirement. We can set up the SSH key-based authentication and connect to the server without entering the password.
If we did not mention the port in the config file then by default it uses port 22. To increase the security on the server change the default port of the SSH to reduce the risk of attacks on the server.
If you guys have any queries related to this How to Use SSH Configure File tutorial, Let me know in the comments.