Hello Mr. Dot ssh/config!

Hello Mr. Dot ssh/config!

It’s so nice to meet you, Mr. dot ssh/config

Ah man, all these servers are driving me CRAZY! I got personal servers, client’s servers, company servers, AMIs, repositories and virtual servers out the waa-zoo.

What’s my username on this server? What’s the IP for that server? Oh yeah, this one requires a key, oh man, what key did I use when I set that up.

When you need to ssh, scp, rsync, sftp, git, or who knows what into Linux (unix based) servers, it can get annoying trying to keep up with usernames, ips, passwords, and keys.

Well, enough with the chit chat, let’s get start with an example. The following bash command may look familiar:

ssh devuser@192.168.1.111

I am logging into the server at ip 192.168.1.111 using the devuser account. When I hit enter, I’ll be prompted by the server to enter the password for devuser.  Man, what a hassle!

SSH Key Pair

Okay, the first thing you have to do is set up a ssh key pair. The key pair is freakin’ awesome, it will allow you to connect to the remote server using a top-secret file on your mac or linux pc that pairs up with a file on the server. There are about a ca-zillion “how to’s” on the google about generating a key for your system, so I’m going to defer this step to those experts, hurry back with your key setup and we’ll get to the good stuff.  Feeling lost? Learn more about how to create a private/public key pair.

Now, about that config file

Welcome back, I trust you’ve found some really good online tutorials for setting up your key pair and now you are ready for the goodies. At this point, I’ll still use the same command to connect to my server

ssh devuser@192.168.1.111

. . .but, now when I hit enter, I am instantly connected, no password required. Whoa, it’s like magic.

Now that you have your private key, on your computer, you should have a hidden directory named .ssh. My home directory is /home/charlie and my ssh goodies are in the /home/charlie/.ssh directory.  Now, using vim (humor me) create a file called config in your .ssh directory, and add the following (with your servers info)


[/home/charlie/.ssh/config]
Host dev
HostName 192.168.1.111
User devuser
IdentityFile ~/.ssh/id_rsa

config, explained:
Host -> this line is a nickname for your remote server, call it whatever you want.
HostName -> this can be IP or URL for your server
User -> user name for account on server
IdentityFile -> path to private key you setup

Now, when I log into my dev server at 192.168.1.111 as user devuser, all I have to do is type . . .

ssh dev

You can have tons of servers with different names and keys in your config file. I like to organize mine like this:


##### Dev Servers #####
Host dev
HostName 192.168.1.111
User devuser
IdentityFile ~/.ssh/id_rsa

##### Production Servers #####
Host web1
HostName 10.10.10.25
User cpalmer
IdentityFile ~/.ssh/cp_id_rsa

Host mysql1
HostName 10.10.20.44
User cpalmer
IdentityFile ~/.ssh/cp_id_rsa

##### GIT #####
Host git
HostName github.com
User git
IdentityFile ~/.ssh/git_id_rsa

So, here are examples of some of the cool commands I can run now with my keys and config (above) in place

ssh web1

rsync -av /home/charlie/var/www/ dev:/var/www

git clone git:unlikelygeek/zf2.git

scp mysql1:/home/cpalmer/today.tar.gz ~/bak/mysql/.

  • Dale

    Don’t forget to bring a few other friends to the party!  A good ‘Host *’ record will get you shelling like a pro.  Some of my favorites include:

    KeepAlive yesServerAliveInterval 300ServerAliveCountMax 3Compression  yesCompressionLevel 9HashKnownHosts noThat last one helps ensure that you can tab complete on remote hosts:http://www.oddprocess.org/wp/2009/03/13/ssh-known_hosts-and-bash-completion/

  • Anonymous

    Hi Charlie,

    I am looking for a Sr. LAMP Developer with *nix skills in the Atlanta area.  Since you obviously know your stuff and fit the bill, I thought I would ask if you have any interest or referrals?

    Thanks,

    Dan
    Application Development Manager