~/.ssh/config ~ Wed, 28 Sep 2011 19:59:07 +0000
~/.ssh/config is a file I have not had occasion to use until today. Evidently not many other people use it very often either, because finding the information I needed was more difficult than it should have been. Thus, this post is meant to make it easier to find.
I am currently hosting a private Minecraft server through redstonehost.com for a few friends. My hosting plan is a VPS specifically designed for easy Minecraft server administration. It being a VPS, I have direct SSH access to the server. The SSH account is pre-configured by RedstoneHost to a specific user that manages your Minecraft server. The password for this user is configured by you via your RedstoneHost user control panel. The password I configured is a complex, auto-generated, password.
Given that my password for the VPS is complex, I would rather use an SSH key file for authentication when I need to login. However, I do not want to use the same key that I use for other systems. This is where the need for the
~/.ssh/config file comes into play.
When you do
ssh firstname.lastname@example.org the remote system sends a packet back telling your local SSH client what forms of authentication it will accept. If the remote server accepts key files, and you have your key configured with the remote host, it will attempt to validate your identity based on the keys installed in your
~/.ssh/ directory. Except, it doesn't validate against just any key files in the directory. SSH2 specifically checks against
~/.ssh/iddsa before giving up on key file authentication and moving on to the next method. Thus, if you want to use a key file
~/.ssh/examplecomdsa you would need to do
ssh -i ~/.ssh/example_com_dsa email@example.com. This is definitely more typing than anyone wants to do just to connect to a host.
To solve this problem, you can add the following to your
Host example.com User james IdentityFile %d/.ssh/example_com_dsa
Now every time you do
ssh example.com you will be connecting to
example.com as if you had done
ssh -i ~/.ssh/example_com_dsa firstname.lastname@example.org instead.
For more information on what options are available to you in the config file, read through the manpage. For some more examples of how the config file can be helpful to you, look through this ALE thread (Atlanta Linux Enthusiasts).