Use a secure shell configuration file for easier use

Jack Wallen
Mar 25, 2010
Updated • Dec 27, 2012

If you've ever used secure shell you know that it can get a little daunting with all of the command options available. But did you know you can make this task much easier with the help of secure shell user configuration files? With these files (unique to each user) you can configure secure shell to behave certain ways with certain hosts, or you can create global configuration options for all secure shell connections.

In this article I will show you how to take advantage of the secure shell user-specific configuration files.


Naturally this article will assume you have secure shell installed and working. Now these configurations only work for the secure shell client, not the server. I will also assume the client from which you will be connecting from has a working internet connection and the hosts you want to connect to are reachable using secure shell as per normal. With that said, let's get down to work.

Configuration file location

If you take a look at you ~/.ssh directory you probably will not find a configuration file. Instead you will have to create one. Fear not, it's simple. The file that secure shell will look for is called config. So open up a terminal window, open up your favorite editor, and create the file ~/.ssh/config.

Possible options

Let's look at a sample config file. Say you have host that is the target host. You want to be able to forward X11 and the username on the host you want to connect to is jack. This configuration file would look like:


ForwardX11 yes

User jack

Now when you issue the command ssh all you will need to do is enter the user password. This command would replace the usual ssh -l jack -X. You could make this even easier by adding an entry for in your /etc/hosts file like so:  NICKNAME

Where NICKNAME would be an easy name to remember. So now the command would look like ssh NICKNAME. That is much easier to remember and type.

You can also make options global. Let's say you don't want any forwarding of X11 on any ssh connection. For that you can create a section like this:

Host *

ForwardX11 no

This way none of your ssh connections will forward X11.For the global section you might want to add the line:

Protocol 2,1

which will instruct ssh to always use SSH2 first.

Global config

If you like you can edit the /etc/ssh/ssh_config file to make some of these options global. If you do this, the options will apply to all users on the system (including root). If you want more granular control over your users ssh connections, and you have multiple users on a system, go with the user-specific configuration instead.

Final thoughts

Secure shell is certainly the way you need to be making your remote connections to and from your Linux machines. And because secure shell is so flexible, you have numerous options that will allow you very specific control over how users connect as well as making yours and their lives much simpler.


Previous Post: «
Next Post: «


  1. Frode said on March 25, 2010 at 11:48 pm

    You can also specify a nickname in the ~/.ssh/config file:

    User Jack

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.