Use a secure shell configuration file for easier use - gHacks Tech News

Use a secure shell configuration file for easier use

If you've ever used secure shell you know that it can get a little daunting with all of the command options available. But did you know you can make this task much easier with the help of secure shell user configuration files? With these files (unique to each user) you can configure secure shell to behave certain ways with certain hosts, or you can create global configuration options for all secure shell connections.

In this article I will show you how to take advantage of the secure shell user-specific configuration files.

Assumptions

Naturally this article will assume you have secure shell installed and working. Now these configurations only work for the secure shell client, not the server. I will also assume the client from which you will be connecting from has a working internet connection and the hosts you want to connect to are reachable using secure shell as per normal. With that said, let's get down to work.

Configuration file location

If you take a look at you ~/.ssh directory you probably will not find a configuration file. Instead you will have to create one. Fear not, it's simple. The file that secure shell will look for is called config. So open up a terminal window, open up your favorite editor, and create the file ~/.ssh/config.

Possible options

Let's look at a sample config file. Say you have host ssh.sample.host that is the target host. You want to be able to forward X11 and the username on the host you want to connect to is jack. This configuration file would look like:

Host ssh.sample.host

ForwardX11 yes

User jack

Now when you issue the command ssh ssh.sample.host all you will need to do is enter the user password. This command would replace the usual ssh -l jack ssh.sample.host -X. You could make this even easier by adding an entry for ssh.sample.host in your /etc/hosts file like so:

ssh.sample.host  NICKNAME

Where NICKNAME would be an easy name to remember. So now the command would look like ssh NICKNAME. That is much easier to remember and type.

You can also make options global. Let's say you don't want any forwarding of X11 on any ssh connection. For that you can create a section like this:

Host *

ForwardX11 no

This way none of your ssh connections will forward X11.For the global section you might want to add the line:

Protocol 2,1

which will instruct ssh to always use SSH2 first.

Global config

If you like you can edit the /etc/ssh/ssh_config file to make some of these options global. If you do this, the options will apply to all users on the system (including root). If you want more granular control over your users ssh connections, and you have multiple users on a system, go with the user-specific configuration instead.

Final thoughts

Secure shell is certainly the way you need to be making your remote connections to and from your Linux machines. And because secure shell is so flexible, you have numerous options that will allow you very specific control over how users connect as well as making yours and their lives much simpler.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Frode said on March 25, 2010 at 11:48 pm
    Reply

    You can also specify a nickname in the ~/.ssh/config file:

    Host NICKNAME
    Hostname ssh.sample.host
    User Jack
    (etc.)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.