SSH Config

Efficient SSH configuration is essential for DevOps engineers managing cloud infrastructure (AWS, Azure, GCP) and automating secure connections. This guide covers practical SSH config usage, real-world examples, and best practices.


What is the SSH Config File?

  • Located at ~/.ssh/config

  • Allows you to define connection settings for multiple hosts

  • Simplifies SSH commands and enables advanced features (jump hosts, key management, etc.)

If the file does not exist, create it:

touch ~/.ssh/config
chmod 600 ~/.ssh/config  # Secure the config file

Basic SSH Config Structure

Host <alias>
  HostName <server_ip_or_dns>
  User <username>
  IdentityFile <path_to_private_key>

Example: Connect to an AWS EC2 instance

Host nano-server
  HostName 174.129.141.81
  User ubuntu
  IdentityFile ~/t3_nano_ssh_aws_keys.pem

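Now connect by passing only the alias nano-server to ssh as the destination; the host name, user and key are taken from the config.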


Multiple Hosts and Wildcards

You can define multiple hosts and use wildcards for bulk configuration.

  • * matches any number of characters (e.g., dev-* for all dev servers)

  • ? matches a single character (e.g., ?-server)

  • ! negates a match (e.g., !prod-server)
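The following is an added example, not part of the original page: a small Python resolver that shows how `*`, `?` and `!` patterns and the first-value-wins rule decide which options a host alias ends up with. The aliases, key paths and the 192.0.2.10 address in the sample config are constructed for illustration, and the resolver is a simplification of OpenSSH's behaviour.

```python
import re

# Constructed sample config: hypothetical aliases/key paths, documentation-range IP.
SAMPLE_CONFIG = """\
Host bastion
  HostName 192.0.2.10
  User ops

Host dev-* !dev-legacy
  ProxyJump bastion
  IdentityFile ~/.ssh/dev_ed25519

Host prod-db?
  ProxyJump bastion
  IdentityFile ~/.ssh/prod_ed25519

Host *
  User deploy
  IdentitiesOnly yes
  ForwardAgent no
"""

def glob_match(pattern, name):
    # ssh_config patterns know only '*' (any run of characters) and '?' (exactly one).
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, name) is not None

def host_line_matches(patterns, name):
    # A matching negated pattern vetoes the Host line; else one positive must match.
    if any(p.startswith("!") and glob_match(p[1:], name) for p in patterns):
        return False
    return any(not p.startswith("!") and glob_match(p, name) for p in patterns)

def resolve(config_text, name):
    # First value obtained for a keyword wins, so specific blocks go above "Host *".
    # Simplified: single-valued keywords only; Match, Include and quoting are ignored.
    opts, active = {}, True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1]
        if key == "host":
            active = host_line_matches(value.split(), name)
        elif active:
            opts.setdefault(key, value)
    return opts

print(resolve(SAMPLE_CONFIG, "dev-web1"))
```

On a real machine, `ssh -G <alias>` prints the options OpenSSH itself resolves for an alias, which is the authoritative check before relying on a wildcard block.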


Real-World DevOps Examples

1. Use a Jump Host (Bastion)

2. Use Different Keys for Different Clouds

3. Forward SSH Agent for Git Operations


Best Practices

  • Always set permissions: chmod 600 ~/.ssh/config

  • Use descriptive aliases for hosts

  • Use wildcards to avoid repetition

  • Never commit private keys or sensitive config to version control

  • Use ProxyJump for secure access to private networks

  • Document your config for team use



Tip: Use SSH config to simplify Ansible, Terraform, and cloud CLI workflows by referencing host aliases instead of full connection strings.

