아래는 **2번 글을 자연스러운 영문 블로그 톤**으로 옮긴 버전이에요. 요청하신 대로 **헤딩의 id는 원문 그대로 유지**했습니다.

---

In the previous post, I covered the basics of the `ssh` command and a few useful options. But let’s be honest—typing long IP addresses, usernames, and port numbers every single time gets old fast.

That’s where the **SSH config file** comes in. It lets you save your favorite server connection settings and connect using a simple **alias**.

Back when I was a complete beginner and didn’t even know the config file existed, I used to register my most-used SSH commands as aliases in `.bashrc`. After I learned the proper way to do it with an SSH config, I realized how much time (and effort) I had wasted.

![Me being amazed after discovering SSH config](/media/whitedec/blog_img/ssh_config_favorite_style.webp)

---

## What is the SSH config file? {#sec-481141e7802b}

The **SSH config file** is a configuration file that lets you define how your SSH client behaves. If you save connection details for specific hosts (username, port, key file, etc.) in advance, you can later connect using only a short alias.

* **Location**: It usually lives in your home directory under the `.ssh` folder, with the filename `config`. If you just installed SSH for the first time, it may not exist yet.

* **Create the file**: If `~/.ssh/config` doesn’t exist, create it manually. **Make sure the permission is set to 600.**

```bash
touch ~/.ssh/config
chmod 600 ~/.ssh/config  # This permission setting is important for security.
```

---

## How to write the config file {#sec-a6ba2fff88f5}

The config file is a simple text file. Each host is defined as a block that starts with the `Host` keyword.

#### Basic structure

```
Host [alias]
    [option1] [value1]
    [option2] [value2]
    ...
```

* **`Host [alias]`**: Declares the beginning of a block and defines the **alias** you’ll use in your SSH command. Instead of an alias, you can also put the real hostname (IP address or domain). Wildcards (`*`, `?`) are supported as well.
* **Indentation**: Options under `Host` should be **indented**. Spaces or tabs both work—just stay consistent.
* **Options**: Under `Host`, you list SSH options that will apply when connecting using that alias. These correspond to things you might otherwise pass via the command line (like `ssh -p ...`).

### Common options {#sec-488803d47bdf}

|                         |                                                                     |                                      |
| ----------------------- | ------------------------------------------------------------------- | ------------------------------------ |
| **Option**              | **Description**                                                     | **Example**                          |
| `HostName`              | The actual server IP address or domain name                         | `192.168.1.100` or `example.com`     |
| `User`                  | Remote username                                                     | `ubuntu`, `ec2-user`, `root`         |
| `Port`                  | SSH port (default is 22)                                            | `2222`                               |
| `IdentityFile`          | Path to the private key file                                        | `~/.ssh/id_ed25519_myserver`         |
| `ForwardAgent`          | Enable SSH agent forwarding (when using `ssh-agent`)                | `yes`                                |
| `StrictHostKeyChecking` | Whether to enforce strict host key verification (`yes` recommended) | `no` (temporarily for early testing) |
| `PortForwarding`        | Whether to allow port forwarding                                    | `yes`                                |
| `LocalForward`          | Local port forwarding (same as `-L`)                                | `8080 localhost:80`                  |
| `ServerAliveInterval`   | Interval (seconds) to check if the connection is alive              | `60` (prevent disconnects)           |
| `ServerAliveCountMax`   | Number of failed checks before disconnecting                        | `3`                                  |

---

## Example SSH config {#sec-92c9daf3ee29}

Let’s add a few frequently used servers to `~/.ssh/config`.

```ini
# Server 1: Web server (alias: webserver)
Host webserver
    HostName 192.168.1.100
    User ubuntu
    Port 2222
    IdentityFile ~/.ssh/id_ed25519_webserver # Dedicated key for this server

# Server 2: Development server (alias: devbox)
Host devbox
    HostName dev.example.com
    User developer
    IdentityFile ~/.ssh/id_rsa_dev # Using an RSA key
    # Forward local port 8000 to the remote server's port 80
    LocalForward 8000 localhost:80 

# Server 3: All AWS EC2 servers (alias pattern: aws-*)
Host aws-*
    User ec2-user
    IdentityFile ~/.ssh/aws_ec2_key.pem
    # Send keep-alives so the connection doesn't drop
    ServerAliveInterval 60
    ServerAliveCountMax 3

# General rule for a specific IP range (alias pattern: 10.0.0.*)
Host 10.0.0.*
    User admin
    Port 22
```

**Explanation:**

* `webserver`: Connect to `192.168.1.100` as user `ubuntu` via port `2222`, using the `id_ed25519_webserver` key.
* `devbox`: Connect to `dev.example.com` as user `developer` using the `id_rsa_dev` key, and forward local port 8000 to remote port 80.
* `aws-*`: Settings applied to any alias that begins with `aws-`, such as `aws-prod` or `aws-dev`.
* `10.0.0.*`: Automatically applies `admin` and port 22 when connecting to IPs in the `10.0.0.x` range.

> In practice, I don’t use wildcard (`*`) host patterns very often.
> It’s usually easier to manage connections when you define a **1:1 config per server**.
> Also, sometimes I connect to the same server with different settings, so I add separate aliases and “pick” one—like choosing a menu item at a restaurant—then connect with `ssh my-alias`.

---

![A magical network spreading out when you press the SSH connect button](/media/whitedec/blog_img/ssh_config_network_magic.webp)

## How to use the config file {#sec-e176d1ccdfce}

Once you’ve saved settings in your config file, connecting becomes much simpler. Let’s try it using the examples above.

### 1. Connect using an alias {#sec-b0810f8f4908}

Run SSH using only the alias:

* **Using the `webserver` alias:**

```bash
ssh webserver
Enter passphrase for key '/home/youruser/.ssh/id_ed25519_webserver':
ubuntu@webserver-ip:~ $
```

> Internally, this is equivalent to running:
> `ssh -p 2222 -i ~/.ssh/id_ed25519_webserver ubuntu@192.168.1.100`

* **Using the `devbox` alias:**

```bash
ssh devbox
Enter passphrase for key '/home/youruser/.ssh/id_rsa_dev':
developer@devbox-domain:~ $
```

> (At the same time, your local port 8000 will be forwarded to port 80 on `dev.example.com`.)

---

## Benefits of using SSH config {#sec-2c234f7e8725}

* **Convenience**: Replace long, complex SSH commands with short aliases, reducing typing and mistakes.
* **Productivity**: Jump between servers quickly and stay focused on your work.
* **Easier management**: Keep all connection settings in one place. If a server IP changes, you update only the config file.
* **Security**: Avoid leaving sensitive details (like key file paths) in your shell history.

---

## Summary {#sec-9c659c3d712e}

The SSH config file is an essential tool for anyone who uses SSH regularly—developers and system admins alike. Use it to make your SSH workflow faster, cleaner, and more reliable. Open `~/.ssh/config` and create your own aliases today!

If you’d like to read more SSH-related posts, try searching for “ssh” using the search box on the right.

And if you have any questions, feel free to ask in the comments!