Notice:

This page has been converted from a dynamic Wordpress article to a static HTML document. As a result, some content may missing or not rendered correctly.

~/.ssh/config ~ Wed, 28 Sep 2011 19:59:07 +0000

~/.ssh/config is a file I have not had occasion to use until today. Evidently not many other people use it very often either, because finding the information I needed was more difficult than it should have been. Thus, this post is meant to make it easier to find.

I am currently hosting a private Minecraft server through redstonehost.com for a few friends. My hosting plan is a VPS specifically designed for easy Minecraft server administration. It being a VPS, I have direct SSH access to the server. The SSH account is pre-configured by RedstoneHost to a specific user that manages your Minecraft server. The password for this user is configured by you via your RedstoneHost user control panel. The password I configured is a complex, auto-generated, password.

Given that my password for the VPS is complex, I would rather use an SSH key file for authentication when I need to login. However, I do not want to use the same key that I use for other systems. This is where the need for the ~/.ssh/config file comes into play.

When you do ssh james@example.com the remote system sends a packet back telling your local SSH client what forms of authentication it will accept. If the remote server accepts key files, and you have your key configured with the remote host, it will attempt to validate your identity based on the keys installed in your ~/.ssh/ directory. Except, it doesn't validate against just any key files in the directory. SSH2 specifically checks against ~/.ssh/idrsa and ~/.ssh/iddsa before giving up on key file authentication and moving on to the next method. Thus, if you want to use a key file ~/.ssh/examplecomdsa you would need to do ssh -i ~/.ssh/example_com_dsa james@example.com. This is definitely more typing than anyone wants to do just to connect to a host.

To solve this problem, you can add the following to your ~/.ssh/config file:

Host example.com
    User james
    IdentityFile %d/.ssh/example_com_dsa

Now every time you do ssh example.com you will be connecting to example.com as if you had done ssh -i ~/.ssh/example_com_dsa james@example.com instead.

For more information on what options are available to you in the config file, read through the manpage. For some more examples of how the config file can be helpful to you, look through this ALE thread (Atlanta Linux Enthusiasts).

Linux,  OS X,  Software,  Technology,  Tips