I rely on ssh for connecting to dozens of servers. The problem is that my username is often different from one system to the next and I often have trouble remembering which username goes with which system. One easy way to keep them straight is to take advantage of a not-so-obvious SSH feature -- the SSH config file. By creating and configuring a ~/.ssh/config file, you can create a profile for each of the servers that you use and make connecting to those systems quite a bit easier. For a basic example of how this works, say that I use a system named boson in the domain elemparticles.org and that I log into this server with the username higgs. I could use the command ssh email@example.com. Alternately, I could create a profile for the server that looks like this and then get by with just using the command ssh boson to log in.
Host boson HostName boson.elemparticles.com User higgs
If you don't have a .ssh directory or an ssh config file, you can start with commands like these and then edit the config file you have just created.
mkdir ~/.ssh chmod 700 ~/.ssh touch ~/.ssh/config
Once you've tested your first ssh login profile with a simplified ssh command such as ssh boson command, you can add as many additional profiles as suit your needs. In the example below, I've set up profiles for four separate systems, each with a different username.
Host boson HostName boson.elemparticles.com User higgs Host fermion Hostname fermion.elemparticles.com user dirac Host dweebs Hostname linuxdweebs.example.org User sandra Host solaris Hostname sug.history.net User shs
You might want to add other options to your profiles as well. The ServerAliveInterval and ServerAliveCountMax settings will allow you to establish keep alives for connections to those servers. These settings will refresh a connection every 30 seconds for up to an hour and a half:
ServerAliveInterval 30 ServerAliveCountMax 90
You can add these lines to any of your profiles:
Host boson HostName boson.elemparticles.com User higgs ServerAliveInterval 30 ServerAliveCountMax 90
If your ssh connections need to go through a non-standard port, you can add that as well by using the Port setting.
Host boson HostName boson.elemparticles.com User higgs Port 2222 ServerAliveInterval 30 ServerAliveCountMax 90
If you use a private key to log into the remote server, you can add that to your config profile as well:
Host boson HostName boson.elemparticles.com User higgs Port 2222 IdentityFile ~/.ssh/boson.key ServerAliveInterval 30 ServerAliveCountMax 90
Note that the key specified on the IdentityFile line should be your private key on the remote system. You can also use ssh config file profiles to effect "multi-hop" connections -- when you have to go through one system to get to another. On the command line, a multi-hop connection might be done with a command like this to simplify connections to the system that you cannot log into directly. Let's say that the system you cannot log into directly is called "remhost2". If you can get to remhost2 when logged into remhost1, but not from your current system, you might use a command like this:
$ ssh -A -t remhost1 ssh -A -t remhost2
To make connections like this using the config file, use a ProxyCommand setting like this that employs both ssh and netcat (nc):
Host remhost1 HostName remhost1.somesite.com Host remhost2 ProxyCommand ssh -q remhost1 nc remhost2 22
In this command, we associated the FQDN for remhost1 with its simple hostname (the string "remhost1") and then set up a ProxyCommand so that connections to remhost2 go through remhost1. An ssh config file can make it easier to connect to systems by simplifying their names, accomodating configuration options (such as different usernames and unusual port numbers), helping with authentication or simplifying multi-hop setups. It provides a nice way to keep track of connections that you make to a large collection of systems and can be a real time saver and anxiety avoider.
Read more of Sandra Henry-Stocker's Unix as a Second Language blog and follow the latest IT news at ITworld, Twitter and Facebook.