If you regularly connect to multiple remote systems over SSH every day, you'll find that remembering all the remote IP addresses, different usernames, non-standard ports, and various command-line options is difficult, if not impossible.
One option is to create a bash alias for each remote server connection. However, there is a better and simpler solution. OpenSSH allows you to set up a per-user configuration file, where you can store different SSH options for each remote machine you connect to.
This guide covers the basics of the SSH client configuration file and explains some of the most common configuration options.
Prerequisites
We assume that you are using a Linux or macOS system with an OpenSSH client installed.
SSH configuration file location
The OpenSSH client configuration file is named config, and it is stored in the .ssh directory under the user's home directory. The ~/.ssh directory is created automatically the first time the user runs the ssh command.
If you have never used the ssh command, you need to create the directory with the following command:
mkdir -p ~/.ssh && chmod 700 ~/.ssh
By default, the SSH configuration file may not exist, so you may need to create it using the touch command:
touch ~/.ssh/config && chmod 600 ~/.ssh/config
This file must be readable only by the user and not accessible by others:
chmod 600 ~/.ssh/config
SSH configuration file structure and patterns
The SSH configuration file uses the following structure:
Host hostname1
    SSH_OPTION value
    SSH_OPTION value

Host hostname2
    SSH_OPTION value

Host *
    SSH_OPTION value
The contents of the SSH client configuration file are organized into stanzas (sections). Each stanza starts with the Host directive and contains the specific SSH options to use when establishing a connection with the remote SSH server.
Indentation is not required, but it is recommended because it makes the file easier to read.
The Host directive can contain a single pattern or a whitespace-separated list of patterns. Each pattern can contain zero or more non-whitespace characters or one of the following pattern specifiers:
- * - Matches zero or more characters. For example, Host * matches all hosts, while 192.168.0.* matches all hosts in the 192.168.0.0/24 subnet.
- ? - Matches exactly one character. The pattern Host 10.10.0.? matches all hosts in the 10.10.0.[0-9] range.
- ! - At the start of a pattern, negates the match. For example, Host 10.10.0.* !10.10.0.5 matches any host in the 10.10.0.0/24 subnet except 10.10.0.5.
The SSH client reads the configuration file stanza by stanza, and if more than one pattern matches, the options from the first matching stanza take precedence. Therefore, more host-specific declarations should be placed at the beginning of the file, and more general overrides at the end of the file.
You can find the complete list of available ssh options by typing man ssh_config in your terminal or by visiting the ssh_config man page.
The SSH configuration file is also read by other programs, such as scp, sftp, and rsync.
Basic SSH Configuration File
Now that we've covered the basics of the SSH configuration file, let's look at the following example.
Typically, when you connect to a remote server via SSH, you specify the remote user name, host name, and port. For example, to connect as a user named john to a host called dev.example.com on port 2322 from the command line, you would type:
ssh john@dev.example.com -p 2322
If you want to connect to the server with the same options as in the command above simply by typing ssh dev, put the following lines in your ~/.ssh/config file:
~/.ssh/config
Host dev
    HostName dev.example.com
    User john
    Port 2322
Now, if you enter:
ssh dev
The ssh client will read the configuration file and use the connection details specified for the dev host.
Shared SSH Configuration File Example
This example gives more detailed information about host patterns and option precedence.
Let's look at the following example file:
Host targaryen
    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key

Host tyrell
    HostName 192.168.10.20

Host martell
    HostName 192.168.10.50

Host *ell
    user oberyn

Host * !martell
    LogLevel INFO

Host *
    User root
    Compression yes
- If you type ssh targaryen, the ssh client reads the file and applies the options from the first match, which is Host targaryen. It then checks the following stanzas one by one for a matching pattern. The next match is Host * !martell (all hosts except martell), so the connection option from that stanza is applied. Finally, the last definition, Host *, also matches, but the ssh client takes only the Compression option from it because the User option is already defined in the Host targaryen stanza. The full list of options used in this case is as follows:
    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key
    LogLevel INFO
    Compression yes
- When you run ssh tyrell, the matching host patterns are: Host tyrell, Host *ell, Host * !martell and Host *. The options used in this case are:
    HostName 192.168.10.20
    User oberyn
    LogLevel INFO
    Compression yes
- If you run ssh martell, the matching host patterns are: Host martell, Host *ell and Host *. The options used in this case are:
    HostName 192.168.10.50
    User oberyn
    Compression yes
- For all other connections, the options specified in the Host * !martell and Host * stanzas are used.
Overriding SSH configuration file options
The ssh client reads its configuration in the following order of precedence:
- Options specified on the command line
- Options defined in ~/.ssh/config
- Options defined in /etc/ssh/ssh_config
If you want to override a single option, you can specify it on the command line. For example, if you have the following definition:
Host dev
    HostName dev.example.com
    User john
    Port 2322
And you want to use all the other options but connect as user root instead of john, simply specify the user on the command line:
ssh -o "User=root" dev
The -F (configfile) option allows you to specify an alternative per-user configuration file.
If you want the ssh client to ignore all the options specified in the configuration file, you can use:
ssh -F /dev/null user@host
Conclusion
You have learned how to configure your per-user ssh configuration file. You may also want to set up SSH key-based authentication and connect to your Linux servers without entering a password.
By default, SSH listens on port 22. Changing the default SSH port reduces the risk of automated attacks and so adds an extra layer of security to the server.