Using the SSH Configuration File

If you regularly connect to multiple remote systems over SSH, you'll find that remembering all the remote IP addresses, different usernames, non-standard ports and various command-line options is difficult, if not impossible.

One option is to create a bash alias for each remote server connection. However, there is another, better and simpler solution. OpenSSH allows you to set up a per-user configuration file where you can store different SSH options for each remote machine you connect to.

This guide covers the basics of the SSH client configuration file and explains some of the most common configuration options.

Prerequisites

We assume that you are using a Linux or macOS system with an OpenSSH client installed.

SSH configuration file location

The OpenSSH client configuration file is named config, and it is stored in the .ssh directory under the user's home directory. The ~/.ssh directory is created automatically the first time the user runs the ssh command.

If you have never used the ssh command, you need to create the directory with the following command:

mkdir -p ~/.ssh && chmod 700 ~/.ssh

By default, the SSH configuration file may not exist, so you may need to create it using the touch command:

touch ~/.ssh/config && chmod 600 ~/.ssh/config

This file must be readable and writable only by the user and must not be accessible by others:

chmod 600 ~/.ssh/config

SSH configuration file structure and patterns

The SSH configuration file uses the following structure:

Host hostname1
    SSH_OPTION value
    SSH_OPTION value

Host hostname2
    SSH_OPTION value

Host *
    SSH_OPTION value

The contents of the SSH client configuration file are organized into stanzas (sections). Each stanza starts with the Host directive and contains the specific SSH options to use when establishing a connection with the remote SSH server.

Indentation is not required, but it is recommended because it makes the file easier to read.

The Host directive can contain one pattern or a whitespace-separated list of patterns. Each pattern can contain zero or more non-whitespace characters or one of the following pattern specifiers:

  • * - Matches zero or more characters. For example, Host * will match all hosts, while 192.168.0.* matches all hosts in the 192.168.0.0/24 subnet.
  • ? - Matches exactly one character. The pattern Host 10.10.0.? will match all hosts in the 10.10.0.[0-9] range.
  • ! - At the start of a pattern, it negates the match. For example, Host 10.10.0.* !10.10.0.5 will match any host in the 10.10.0.0/24 subnet except 10.10.0.5.

The SSH client reads the configuration file stanza by stanza, and if more than one pattern matches, the options from the first matching stanza take precedence. Therefore, more host-specific declarations should be given at the beginning of the file, and more general overrides at the end of the file.

You can find the complete list of available ssh options by typing man ssh_config in your terminal or by visiting the ssh_config man page.

The SSH configuration file is also read by other programs, such as scp, sftp and rsync.

Basic SSH Configuration File

Now that we've covered the basics of SSH configuration files, let us look at the following example.

Typically, when you connect to a remote server via SSH, you specify the remote user name, host name and port. For example, to connect as a user named john to the host dev.example.com on port 2322 from the command line, you would type:

ssh john@dev.example.com -p 2322

To connect to the server with the same options as in the command above by simply typing ssh dev, put the following lines in your ~/.ssh/config file:

~/.ssh/config

Host dev
    HostName dev.example.com
    User john
    Port 2322

Now, if you enter:

ssh dev

the ssh client will read the configuration file and use the connection details specified for the dev host.

Shared SSH Configuration File Example

This example gives more detailed information about host patterns and option precedence.

Let's look at the following example file:

Host targaryen
    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key

Host tyrell
    HostName 192.168.10.20

Host martell
    HostName 192.168.10.50

Host *ell
    user oberyn

Host * !martell
    LogLevel INFO

Host *
    User root
    Compression yes

  • If you type ssh targaryen, the ssh client reads the file and applies the options from the first match, which is Host targaryen. It then checks the following stanzas one by one for a matching pattern. The next match is Host * !martell (meaning all hosts except martell), and the client applies the connection option from this stanza. Finally, the last definition, Host *, also matches, but the ssh client takes only the Compression option from it because the User option is already defined in the Host targaryen stanza. The full list of options used in this case is as follows:

    HostName 192.168.1.10
    User daenerys
    Port 7654
    IdentityFile ~/.ssh/targaryen.key
    LogLevel INFO
    Compression yes

  • When you run ssh tyrell, the matching host patterns are: Host tyrell, Host *ell, Host * !martell and Host *. The options used in this case are:

    HostName 192.168.10.20
    User oberyn
    LogLevel INFO
    Compression yes

  • If you run ssh martell, the matching host patterns are: Host martell, Host *ell and Host *. The options used in this case are:

    HostName 192.168.10.50
    User oberyn
    Compression yes

  • For all other connections, the options specified in the Host * !martell and Host * stanzas will be used.

Overriding SSH configuration file options

The ssh client reads its configuration in the following order of precedence:

1. Options specified on the command line
2. Options defined in ~/.ssh/config
3. Options defined in /etc/ssh/ssh_config

If you want to override a single option, you can specify it on the command line. For example, if you have the following definition:

Host dev
    HostName dev.example.com
    User john
    Port 2322

and you want to use all the other options but connect as user root instead of john, simply specify the user on the command line:

ssh -o "User=root" dev

The -F (configfile) option allows you to specify an alternative per-user configuration file.

If you want the ssh client to ignore all of the options specified in the ssh configuration file, you can use:

ssh -F /dev/null [email protected]

Conclusion

You have learned how to configure your per-user ssh configuration file. You may also want to set up SSH key-based authentication and connect to your Linux servers without entering a password.

By default, SSH listens on port 22. Changing the default SSH port adds an extra layer of security to your server by reducing the risk of automated attacks.

Origin www.linuxidc.com/Linux/2019-08/159952.htm