SSH is a popular remote management protocol that is secure, flexible, easy to use. SSH provides a lot of features in order to make SSH usage easy and straightforward. As SSH provides a lot of different features these features can be configured in different ways. The most interactive way is using parameters with the ssh command. But if we need to make the SSH configuration permanent the SSH configuration file can be used. Every time the ssh command is executed the specified configuration is set from the SSH configuration file.
The SSH configuration file can be also used to store remote SSH servers with an alias in order to connect them easily without remembering their IP address. Another useful feature of the SSH config file is setting per-user or per-host configuration for the remote SSH servers.
SSH Configuration File Path
The SSH configuration file can be located in different paths with different precedences. The SSH configuration file can be stored in the current user home directory under the directory named
.ssh . The “.ssh” directory is hidden in order to prevent accidental removal. The SSH configuration file is named as
config . The complete path of the SSH configuration file for the current user is below.
There is also another SSH configuration file named
Global SSH Configuration . This SSH configuration file is used by all users in the current system. The glocal SSH configuration file is located under the
/etc/ssh/ . The glocal SSH configuration file is named as
ssh_config . The complete path for the global SSH configuration file is below
Create SSH Configuration File
The SSH configuration file is a simple text file that contains SSH configuration and directives. By default, the current user SSH configuration file is not created but the global SSH configuration is created. In the following example, we create the SSH config file for the current user.
$ touch `/.ssh/config
Then we make some security configurations and hardening for the SSH configuration file. With the chmod command we set the SSH configuration file only read and writeable by the owner.
$ chmod 600 ~/.ssh/config
Default SSH Configuration File
After installing the SSH a default configuration is created. The default configuration for the SSH can be listed by printing the global SSH configuration file with the cat command like below.
$ cat /etc/ssh/ssh_config
SSH Configuration File Structure
The SSH config has a simple structure where general configurations are specified at each line. Host-specific configurations are specified under the host definition with indents.
ForwardAgent no ForwardX11 no ForwardX11Trusted yes PasswordAuthentication yes Host 192.168.1.10 User ali Port 2221
Set Host Specific Configuration
As stated previously we can provide host-specific configurations which do not conflict with other configurations. In the following example, we provide configuration for the host server1.linuxtect.com and 192.168.1.10
ForwardAgent no ForwardX11 no ForwardX11Trusted yes PasswordAuthentication yes Host 192.168.1.10 User ali Port 2221 ForwardX11 yes Host server1.linuxtect.com User veli
The SSH configuration file may contain comments which are not interpreted as configuration. The
# sign is used to specify the comment or comment line. Comment lines start with the # sign.
# This line is a comment ForwardAgent no ForwardX11 no ForwardX11Trusted yes PasswordAuthentication yes #This host is our database configuration Host 192.168.1.10 User ali Port 2221 ForwardX11 yes