SSH custom host config

Intro

Suppose we have a couple of keys, one for home and one for office work:

ls -1 ~/.ssh/
id_rsa
id_rsa.pub
id_rsa_office
id_rsa_office.pub

Basic Info

Suppose we need to connect to a series of servers using our office key.
We can do something like:

ssh -i ~/.ssh/id_rsa_office root@11.office.example.com

But then we realize there are a lot of hosts to connect to, and we want to simplify.

Create the file ~/.ssh/config:

touch ~/.ssh/config

Syntax

Host hostname1
    SSH_OPTION value
    SSH_OPTION value

Host hostname2
    SSH_OPTION value

Host *
    SSH_OPTION value

When matching Host patterns we can use:

  • * : Matches zero or more characters. Host * matches all hosts, while 10.10.0.* matches hosts in the 10.10.0.0/24 subnet.
  • ? : Matches exactly one character.
  • ! : When used at the start of a pattern, it negates the match.

Now we can run some tests by filling our file with:

Host *.office.example.com
    IdentityFile ~/.ssh/id_rsa_office
    BatchMode yes
    EscapeChar none

Of course, we can also change the User, Port, allowed Ciphers, port forwarding and a lot more.

Shortcuts

Host salagadula
    HostName 10.10.0.1
    Port 2222
    User root
    IdentityFile ~/.ssh/id_rsa_office
    LogLevel INFO

Now we can connect simply using:

ssh salagadula
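
To see which options end up applying to a given name, here is a simplified model of the Host matching described above (an added example, not part of the original post and not OpenSSH's own code). It handles only Host blocks with *, ? and ! patterns (no Match, Include or quoting); the legacy.office.example.com host and the deploy user are made up for the sample.

```python
import re

MULTI = {"identityfile", "localforward"}  # keywords that accumulate (subset)

def pattern_matches(pattern, host):
    """'*' matches zero or more characters, '?' exactly one; the rest is literal."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, host) is not None

def host_line_matches(patterns, host):
    """True if a pattern matches and no '!'-negated pattern matches."""
    positive = False
    for p in patterns:
        if p.startswith("!"):
            if pattern_matches(p[1:], host):
                return False  # a negated match disables the whole Host line
        elif pattern_matches(p, host):
            positive = True
    return positive

def resolve(config_text, host):
    """Options that apply to `host` as typed on the command line (Host blocks only)."""
    result, active = {}, True  # lines before the first Host apply to every host
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            active = host_line_matches(value.split(), host)
        elif active and key in MULTI:
            result.setdefault(key, []).append(value)
        elif active:
            result.setdefault(key, value)  # first obtained value wins
    return result

# Constructed sample; the "legacy" host and "deploy" user are made up.
SAMPLE = """\
Host salagadula
    HostName 10.10.0.1
    Port 2222
    User root
Host *.office.example.com !legacy.office.example.com
    IdentityFile ~/.ssh/id_rsa_office
    BatchMode yes
Host *
    User deploy
"""
print(resolve(SAMPLE, "11.office.example.com"))
```

Because the first value obtained for an option wins, the Host * block has to come last: placed first, its User would override the one set for salagadula.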

Port Forwarding

Host salagadula
    HostName 10.10.0.1
    User root
    IdentityFile ~/.ssh/id_rsa_office
    LocalForward 8140 10.10.0.2:80

Now we can reach port 80 on 10.10.0.2 in the internal LAN through 10.10.0.1, just by connecting to localhost:8140.