Personal tools

Dec 06, 2011

SSH tips and tricks: how to save time configuring properly SSH

This blog post is about ssh client configuration. Configuring ssh is a really good practice both for saving time and keeping organized your connections data. Even though the blogosphere is full of posts like this, I think it is worth repeating because the practice of keeping an up to date ssh configuration is not so diffused.

In my daily activity I find myself connecting to a lot of servers and it is hard to remember for each of them the correct hostname or IP and the related credentials.

To speed up my work I try to keep has much as possible updated my .ssh/config file.

Let's say, for example that one of our clients, let's say ACME :), gives us access to a fictitious server with the IP address 999.999.999.999. 

They give us the access that server with the username bugs and ssh is listen to port 2222.

As soon as I am authorized to connect to a new server I insert a new section to the file like this:

# The new acme server
Host acme
HostName 999.999.999.999
Port 2222
User bugs

 This way instead of typing:

ssh -p2222 bugs@999.999.999.999

I can just type:

ssh acme

with the same effects.

The benefits of that go beyond the use of ssh, because the same configuration file has effect on other ssh related programs like scp, rsync and sshfs.

In addition .ssh/config is parsed by bash completion scripts so I can save further keystrokes (holy laziness)!

This is good, more than for today, for tomorrow because time passes and I can forget the username, the server IP or the port, but I would hardly forget I worked for ACME and to get those info quickly reading .ssh/config is enough.

Of course I can add many hosts sections to the .ssh/config like I am showing in this example:

## List of ACME servers ##
# The staging server
Host acme-staging
HostName staging.example.com
User bugs
# The production server
Host acme-production
HostName production.example.com
User bunny

## Another customer ##
Host demo
HostName 10.0.1.100
User donald

# I can also setup a tunnel to a port
Host demo-debug
HostName 10.0.1.100
User root
LocalForward 8080 localhost:8080

As you can see each section starts with the Host declaration and the settings are effective only for that specific Host.

In the last example we make a tunnel forwarding the 8080 port to localhost, useful in case the server firewall filters direct connections from outside.

With this configuration the command:

ssh demo-debug

is equivalent to:

ssh root@10.0.1.100 -L 8080:localhost:8080

 

Further readings

Beyond the nice manual page about ssh configuration:

man ssh_config

you could find very useful those links to

A note to KDE users

I found out that also sftp and fish KIO slaves are aware of ssh configuration, with the difference that fish overrides the User directive, i.e., using the example before, to connect to the acme server as bugs I have to point dolphin to either fish://bugs@acme or to sftp://acme

.

 

Filed under:
comments powered by Disqus