In the previous post, I covered the basics of the ssh command and a few useful options. But let’s be honest—typing long IP addresses, usernames, and port numbers every single time gets old fast.

That’s where the SSH config file comes in. It lets you save your favorite server connection settings and connect using a simple alias.

Back when I was a total beginner and didn’t even know SSH config files existed, I kept thinking, “How am I supposed to type this long, messy SSH command every single time?” So I literally pasted the whole command into .bashrc and used it as an alias. Later, once I learned the proper way to do it with ~/.ssh/config, I realized how stupid my approach had been.

Me being amazed after discovering SSH config

What is the SSH config file?

The SSH config file is a configuration file that lets you define how your SSH client behaves. If you save connection details for specific hosts (username, port, key file, etc.) in advance, you can later connect using only a short alias.

  • Location: It usually lives in your home directory under the .ssh folder, with the filename config. If you just installed SSH for the first time, it may not exist yet.

  • Create the file: If ~/.ssh/config doesn’t exist, create it manually. Make sure the permission is set to 600.

touch ~/.ssh/config
chmod 600 ~/.ssh/config  # This permission setting is important for security.

How to write the config file

The config file is a simple text file. Each host is defined as a block that starts with the Host keyword.

Basic structure

Host [alias]
    [option1] [value1]
    [option2] [value2]
    ...
  • Host [alias]: Declares the beginning of a block and defines the alias you’ll use in your SSH command. Instead of an alias, you can also put the real hostname (IP address or domain). Wildcards (*, ?) are supported as well.
  • Indentation: Options under Host should be indented. Spaces or tabs both work—just stay consistent.
  • Options: Under Host, you list SSH options that will apply when connecting using that alias. These correspond to things you might otherwise pass via the command line (like ssh -p ...).

Common options
Option Description Example
HostName The actual server IP address or domain name 192.168.1.100 or example.com
User Remote username ubuntu, ec2-user, root
Port SSH port (default is 22) 2222
IdentityFile Path to the private key file ~/.ssh/id_ed25519_myserver
ForwardAgent Enable SSH agent forwarding (when using ssh-agent) yes
StrictHostKeyChecking Whether to enforce strict host key verification (yes recommended) no (temporarily for early testing)
PortForwarding Whether to allow port forwarding yes
LocalForward Local port forwarding (same as -L) 8080 localhost:80
ServerAliveInterval Interval (seconds) to check if the connection is alive 60 (prevent disconnects)
ServerAliveCountMax Number of failed checks before disconnecting 3

Example SSH config

Let’s add a few frequently used servers to ~/.ssh/config.

# Server 1: Web server (alias: webserver)
Host webserver
    HostName 192.168.1.100
    User ubuntu
    Port 2222
    IdentityFile ~/.ssh/id_ed25519_webserver # Dedicated key for this server

# Server 2: Development server (alias: devbox)
Host devbox
    HostName dev.example.com
    User developer
    IdentityFile ~/.ssh/id_rsa_dev # Using an RSA key
    # Forward local port 8000 to the remote server's port 80
    LocalForward 8000 localhost:80 

# Server 3: All AWS EC2 servers (alias pattern: aws-*)
Host aws-*
    User ec2-user
    IdentityFile ~/.ssh/aws_ec2_key.pem
    # Send keep-alives so the connection doesn't drop
    ServerAliveInterval 60
    ServerAliveCountMax 3

# General rule for a specific IP range (alias pattern: 10.0.0.*)
Host 10.0.0.*
    User admin
    Port 22

Explanation:

  • webserver: Connect to 192.168.1.100 as user ubuntu via port 2222, using the id_ed25519_webserver key.
  • devbox: Connect to dev.example.com as user developer using the id_rsa_dev key, and forward local port 8000 to remote port 80.
  • aws-*: Settings applied to any alias that begins with aws-, such as aws-prod or aws-dev.
  • 10.0.0.*: Automatically applies admin and port 22 when connecting to IPs in the 10.0.0.x range.

In practice, I don’t use wildcard (*) host patterns very often. It’s usually easier to manage connections when you define a 1:1 config per server. Also, sometimes I connect to the same server with different settings, so I add separate aliases and “pick” one—like choosing a menu item at a restaurant—then connect with ssh my-alias.

A magical network spreading out when you press the SSH connect button

How to use the config file

Once you’ve saved settings in your config file, connecting becomes much simpler. Let’s try it using the examples above.

1. Connect using an alias

Run SSH using only the alias:

  • Using the webserver alias:
ssh webserver
Enter passphrase for key '/home/youruser/.ssh/id_ed25519_webserver':
ubuntu@webserver-ip:~ $

Internally, this is equivalent to running: ssh -p 2222 -i ~/.ssh/id_ed25519_webserver ubuntu@192.168.1.100

  • Using the devbox alias:
ssh devbox
Enter passphrase for key '/home/youruser/.ssh/id_rsa_dev':
developer@devbox-domain:~ $

(At the same time, your local port 8000 will be forwarded to port 80 on dev.example.com.)

Benefits of using SSH config

  • Convenience: Replace long, complex SSH commands with short aliases, reducing typing and mistakes.
  • Productivity: Jump between servers quickly and stay focused on your work.
  • Easier management: Keep all connection settings in one place. If a server IP changes, you update only the config file.
  • Security: Avoid leaving sensitive details (like key file paths) in your shell history.

Summary

The SSH config file is an essential tool for anyone who uses SSH regularly—developers and system admins alike. Use it to make your SSH workflow faster, cleaner, and more reliable. Open ~/.ssh/config and create your own aliases today!

If you’d like to read more SSH-related posts, try searching for “ssh” using the search box on the right.

And if you have any questions, feel free to ask in the comments!