search by tags

for the user

adventures into the land of the command line

the ssh config file

when we use ssh we can include options in the command like

$ ssh [email protected] -p 1234

but you can also include those options in an ssh config file. the file’s home is in your ~/.ssh directory, and it might not be there by default, so you can create one

$ vim ~/.ssh/config

inside you can specify a list of all the hosts you regularly log into, as well as options you would like to use with each ssh connection

Host *
  User user
  Port 22
  ServerAliveInterval 30
  TCPKeepAlive yes

Host jumphost
  DynamicForward 1096
  HostKeyAlias hostname
  HostName ipaddress
  ServerAliveInterval 30
  TCPKeepAlive yes

Host remotehost
  HostKeyAlias hostname
  HostName ipaddress
  ProxyCommand /bin/nc -x localhost:1096 %h %p

at the top im saying, for any host connection:
use my user named ‘user’
connect on port 22
enable tcp keep alives to keep the connection from timing out
send these keep alive packets every 30 seconds

then you could specify a jumphost if you go thru one. im dynamic forwarding a localport, for tunneling purposes. and im specifying the literal hostname for the jumphost, and also its ip address.

lastly this is an example for a remote host an alias and an ipaddress or hostname is included proxycommand is launched prior to making the connection to Hostname. it will proxy the ssh connection through the jumphost tunnel you have open. %h is replaced with the host defined in HostName and %p is replaced with 22

another very simple example could be if you only have a few hosts. you might want to do something like this

Host ec2
    HostKeyAlias ec2.server.somewhere.com
    HostName 12.34.567.890
    User user
    IdentityFile ~/user/.ssh/id_rsa.pub

ServerAliveInterval 30

example with an ssh tunnel

Host server1
  HostKeyAlias server1
  HostName 10.1.1.1
  Port 22
  User myuser
  ProxyCommand ssh [email protected] -p 22 nc %h %p

an example of ssh port forwards with privileged ports

Host server2
  HostName 10.1.1.2
  User myuser
  IdentityFile ~/.ssh/id_rsa
  ServerAliveInterval 30
  # my groovy IPMI
  LocalForward 80 172.1.2.3:80
  LocalForward 443 172.1.2.3:443
  LocalForward 5900 172.1.2.3:5900
  LocalForward 5901 172.1.2.3:5901
  LocalForward 623 172.1.2.3:623

this last one will give you some problems if you run it normally, so run it like this:

$ sudo -E ssh -F ~/.ssh/config -i /Users/myuser/.ssh/id_rsa server2

there are many different ways to use the ssh config file and i think it’s awesome. if you’re interested, there is a very good post about ssh config files at http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/

simplify!