SSH client configuration files allow us to connect to servers with pre-configured commands. This saves time by avoiding typing each SSH command parameter when logging into a remote machine and executing commands on a remote device.

If you are regularly connecting to multiple remote systems over SSH, you’ll find that remembering all of the remote IP addresses, different usernames, non-standard ports, and various command-line options is difficult, if not impossible.

How to Use SSH client config files

To begin, ensure that you have SSH installed on your machine. The .ssh directory is usually located under the user’s home directory. It is automatically created when the user runs the ssh command for the first time. If the directory doesn’t exist on your system, create it using the command below:

mkdir -p ~/.ssh && chmod 700 ~/.ssh

Next, create the SSH config file with the following command and save it in your home directory .ssh folder.

$ touch /home/yourusername/.ssh/config
# or
touch ~/.ssh/config

This file must be readable and writable only by the user and not accessible by others:

chmod 600 ~/.ssh/config
# or
chmod 700 ~/.ssh/config
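
One way to check these permissions across the whole directory, as an added example that is not part of the original article. The function names audit_ssh_dir and demo and the temporary directory are constructed for illustration; the check flags any group or other permission bit on the directory, the config file, and any file that begins like a private key.

```python
import os
import stat
import tempfile

def audit_ssh_dir(ssh_dir):
    """Return (path, problem) pairs for entries group or others can access."""
    findings = []
    targets = [ssh_dir, os.path.join(ssh_dir, "config")]
    # Also audit anything whose first line looks like a PEM/OpenSSH private key.
    for name in sorted(os.listdir(ssh_dir)):
        path = os.path.join(ssh_dir, name)
        if name != "config" and os.path.isfile(path):
            with open(path, "rb") as fh:
                head = fh.readline()
            if head.startswith(b"-----BEGIN") and b"PRIVATE KEY" in head:
                targets.append(path)
    for path in targets:
        if not os.path.exists(path):
            findings.append((path, "missing"))
            continue
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & 0o077:  # any bit set for group or others
            findings.append((path, "mode %04o grants group/other access" % mode))
    return findings

def demo():
    """Audit a constructed .ssh look-alike before and after fixing one bad mode."""
    ssh_dir = os.path.join(tempfile.mkdtemp(), ".ssh")
    os.mkdir(ssh_dir)
    os.chmod(ssh_dir, 0o700)
    cfg = os.path.join(ssh_dir, "config")
    with open(cfg, "w") as fh:
        fh.write("Host dev\n    HostName dev.example.com\n")
    os.chmod(cfg, 0o644)  # deliberately too open
    before = audit_ssh_dir(ssh_dir)
    os.chmod(cfg, 0o600)  # the mode the article recommends
    return before, audit_ssh_dir(ssh_dir)

if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```

To audit a real account, call audit_ssh_dir(os.path.expanduser("~/.ssh")).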

Creating a connection

Typically, when connecting to a remote server via SSH, you would specify the remote user name, hostname, and port. For example, to log in as a user named brice to a host called dev.example.com on port 116 from the command line, you would type:

ssh brice@dev.example.com -p 116

To connect to the server with the same options as in the command above simply by typing ssh dev, put the following lines in your ~/.ssh/config file:

Host dev
    HostName dev.example.com
    User brice
    Port 116

Now when you type ssh dev, the ssh client will read the configuration file and use the connection details that are specified for the dev host:

ssh dev

Now let’s define multiple entries in the config file. Here is an example file showing numerous hosts:

Host newServer
  HostName newServer.url
  User adminuser
  Port 2222
  IdentityFile ~/.ssh/id_rsa.key

Host anotherServer.tld
  HostName anotherServer.url
  User mary
  Port 2222

The example file defines two Host entries in the config file and separates them using an empty line. It’s worth noting that the configuration file can have many entries. If that is the case, simply use a blank line to separate them.

Connecting

Use the specified Host identifier and run the following commands to connect to your remote server:

$ ssh newServer
$ ssh anotherServer.tld

The SSH client parses the config file and compares the defined Host identifier’s values with the provided identifier. If they match, the configuration loads.

Next, let’s see what the various parameters in the config file do.

  • Hostname specifies the actual hostname. You can also use numeric IP addresses. You can skip this if the Host identifier already identifies the hostname you want to connect to.
  • Host defines the host or hosts to which the configuration section applies. You can use a single asterisk (*) as a pattern to provide global defaults for all hosts.
  • Port is where your remote SSH server is listening for connections. It defines the remote host’s connection port number, which is 22 by default.
  • User defines the username for the SSH connection.
  • IdentityFile specifies the file containing the user’s DSA, ECDSA or RSA authentication identity. For SSH protocol version 1, the default is ~/.ssh/identity. For version 2, the defaults are ~/.ssh/id_ecdsa and ~/.ssh/id_rsa.

Override SSH Config File Option

The ssh client reads its configuration in the following precedence order:

  1. Options specified from the command line.
  2. Options defined in the ~/.ssh/config.
  3. Options defined in the /etc/ssh/ssh_config.

If you want to override a single option, you can specify it on the command line. For example, if you have the following definition:

Host dev
    HostName dev.example.com
    User brice
    Port 116

and you want to use all other options but connect as user root instead of brice, simply specify the user on the command line:

ssh -o "User=root" dev

Shared SSH Config File Example

Host targaryen
    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key

Host tyrell
    HostName 192.168.10.20

Host martell
    HostName 192.168.10.50

Host *ell
    user oberyn

Host * !martell
    LogLevel INFO

Host *
    User root
    Compression yes

When you type ssh targaryen, the ssh client reads the file and applies the options from the first match, which is Host targaryen. It then checks the remaining stanzas one by one for a matching pattern. The next match is Host * !martell (meaning all hosts except martell), so the client applies the connection option from this stanza. The last definition, Host *, also matches, but the ssh client takes only the Compression option from it because the User option is already defined in the Host targaryen stanza.

The full list of options used when we type ssh targaryen will then be:

HostName 192.168.1.10
User daenerys
Port 7654
IdentityFile ~/.ssh/targaryen.key
LogLevel INFO
Compression yes

When running ssh tyrell, the matching host patterns are Host tyrell, Host *ell, Host * !martell and Host *. The options used in this case are:

HostName 192.168.10.20
User oberyn
LogLevel INFO
Compression yes
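
The matching rules above, together with the precedence order from the override section, as an added example that is not part of the original article or of OpenSSH: a small resolver that walks the shared config in file order and keeps the first value obtained for each option. The names host_matches and resolve are made up here; it assumes whitespace-separated keyword/value lines only (no Match blocks, Include or key=value syntax), keeps one value per keyword, and uses Python's fnmatch, which also treats [...] specially where ssh does not.

```python
import fnmatch
# The article's shared config, embedded so the example runs offline.
SHARED_CONFIG = """\
Host targaryen
    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key

Host tyrell
    HostName 192.168.10.20

Host martell
    HostName 192.168.10.50

Host *ell
    user oberyn

Host * !martell
    LogLevel INFO

Host *
    User root
    Compression yes
"""

def host_matches(patterns, alias):
    # A Host line applies if a positive pattern matches and no "!" pattern does.
    if any(p[0] == "!" and fnmatch.fnmatchcase(alias, p[1:]) for p in patterns):
        return False
    return any(p[0] != "!" and fnmatch.fnmatchcase(alias, p) for p in patterns)

def resolve(config_text, alias, cli_options=None):
    # Command-line options are obtained first, so the file cannot replace them.
    effective = {k.lower(): v for k, v in (cli_options or {}).items()}
    active = True  # options placed before any Host line apply to every host
    for raw in config_text.splitlines():
        parts = raw.split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        if keyword == "host":
            active = host_matches(value.split(), alias)
        elif active:
            effective.setdefault(keyword, value)  # first obtained value wins
    return effective

if __name__ == "__main__":
    print(resolve(SHARED_CONFIG, "tyrell"))
```

On a machine with OpenSSH installed, ssh -G tyrell prints the options the real client resolves, which is the way to confirm that a config file behaves as intended.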

By Shabazz

Software Engineer, MCSD, Web developer & Angular specialist
