Episode: 1856
Title: HPR1856: ssh config
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1856/hpr1856.mp3
Transcribed: 2025-10-18 10:14:31

---

This is HPR Episode 1856 entitled SSH Config.
It is hosted by Klaatu and is about 12 minutes long.
The summary is Klaatu talks about SSH Config.
This episode of HPR is brought to you by AnanasThost.com.
Get 15% discount on all shared hosting with the offer code HPR15.
That's HPR15.
Better web hosting that's honest and fair at AnanasThost.com.
You are listening to Hacker Public Radio.
My name is Klaatu and today I wanted to talk about SSH Config.
You might be thinking about SSH Config.
Everyone knows about SSH Config.
That's the place that you go to Disable Route Login and Disable Password Login and change
your port and all those other things.
That's actually not the SSH Config to which I refer.
The one I'm talking about is the one that may or may not live inside of your SSH folder
in your home directory.
This is something that I actually myself just sort of found out about quite recently.
Maybe a couple of months ago.
I was setting up for someone a FileZilla file or a FileZilla like preference type of file.
In FileZilla, different accounts or different servers, you can create different servers to
go to different bookmarks, I guess, to go to different servers.
One of the things that I realized I needed to do was I needed to be able, just within FileZilla,
to be able to use SFTP, so that's FTP over SSH protocol to sign into certain, you know,
one server or another.
But there was no way, like on the command line, for instance, let's say that you have two
server accounts, FU.com and a bar.com server out there in the world.
And for one, you want to use a specific key and for the other, you want to use a different
key, for whatever reason.
And on the command line, the way that you would do that is you would just do, I'm just simplifying,
the simplest possible command would be SSH-I for identity file.
And then you would point it to the identity file that you want to use.
So that would be till the dot SSH, let's just call it FU underscore RSA.
And that's what you would, and then you would clad to at FU.com.
And then SSH would know to use FU underscore RSA rather than say your default, which usually
the default, you know, if you didn't do anything specific is ID underscore RSA.
So, and then to go to bar, you would go SSH-I or space-I, space till the slash dot SSH slash
bar underscore RSA, and then clad to at bar.com.
So I needed that functionality, but I needed it to be automated.
I couldn't, I did not have the option of doing all of that on the command line because
for this user, it was going to be a bookmark in filezilla, okay.
So that's when I found out about SSH, personal SSH config files.
And they're pretty easy to, to create and to use.
And the first step is to simply touch, touch till the slash dot SSH slash config.
Now that that exists, you can open it up and start putting things into it, or you can
just echo this stuff into it.
To however you manage your own text files, that's your business, the point being.
We could do, let's say we're going to set up again, just food.com bar.com.
So we would say in the config file that we've just created, host, space, food.com.
And then underneath that host, I like to indent it, ID hostname, food.com, identity, next
line, identity file, slash home slash clattu slash SSH slash food underscore RSA.
And protocol two, I don't know if the protocol two is strictly necessary, but I go ahead
and define it because the example that I found did so.
And then a couple, you know, little bit of white space and then do a new host, host, spacebar.com,
hostname, bar.com, identity file, slash home slash clattu slash dot SSH slash bar underscore
RSA and protocol two.
So you've got essentially four line stanzas of, you know, the host, food.com.
That's what when you, when you type in SSH clattu at food.com, it's going to search the
config file for a host with the name food.com.
The hostname is food.com identity file is, is pointing to your SSH key.
And then protocol is two unless you happen to know better, you know, maybe you're using
something else.
I don't know.
So with all of that in the, in the config file and you're the personal little config file,
you can pretty much start using it and, and using it is really, really simple, rather
than doing SSH space slash i path to key file, user name at hostname.
All you do is just SSH normally just SSH clattu at food.com will, it will, it will see
the food.com host in my config file, it will use that hostname.
So that's a hostname.com.
It will use the identity key that I'm pointing to.
So in that case, it would be slash home slash clattu slash dot SSH slash food underscore
RSA.
And of course, it will go over protocol two.
So that'll get me into my food.com server.
And I didn't even have to specify the key file.
And the same goes for the bar.com server, it would, it would, it would detect, it would
find that I'm referring to a host that I have in my, in my config file.
And, um, and then log into that thing with that identity file.
So it's, it's very handy.
It's not like super handy, but it does come in handy sometimes, specifically again for
things where you're not actually interacting with SSH directly on a command line.
And maybe you can't, you know, maybe there aren't places for, for extra options or something
like that.
I honestly don't remember exactly why I felt like I had to do it that way for filezilla.
I just remember that for some reason that was the, the, the answer that I, that I did.
And it has since come in very handy for like my backup scripts.
I, I use our diff backup for my backing up scripts.
So I can have a specific key file that my cron job uses in order to get into my home server
that's using, you know, that is serving as my backup drop off point.
I know it's not off site.
So sue me.
Um, yes.
And that's, that's, that's the config file.
If you look at man SSH underscore config, you'll see pretty much everything I've talked
about and a whole lot more.
You'll find that the config file, I mean pretty much anything that you personally do on
the command line when SSHing can basically be just passed to the config file.
And then you can, um, you can just use that.
So in other words, like, if you do SSH dash P 999, clad2atfew.com, normally, then the
dash P, of course, is saying go to this port instead of 22 go to this port 999 or whatever.
So, um, you could put port, the port keyword in your config file under that host name,
the food.com host block and just tell it what port to use 999.
And from then on, whenever you SSH to clad2atfew.com, it will use port 999, the identity file
that you're pointing to and so on.
So there are a lot of options, um, don't, don't feel like really you have to do, you know,
anything on the command, on the, on the command line itself.
And I guess you could file it under, um, interesting pranks as well.
You can actually, you can use the host name in the config file to give it the, like, the,
actual host name to use.
So for instance, uh, for your host, like hostfood.com, that first line, that, that's the host
is the host name argument given on the command line.
So I could put like SSH, um, well, I could just do SSH, uh, food, I guess.
And I mean, normally that would default to your local network, but if you, if you flag
food as your host in your config file and then pass a host name, uh, then as food.com,
then that, uh, I guess can that canonicalizes the, the host name to the correct thing food.com
or, or, or whatever, I mean, it could be, you know, it could be anything.
So I guess I'm wrong.
It doesn't, it wouldn't necessarily be a prank.
I was, the, where I was going with that originally was, hey, you could do a prank and do like,
you know, SSH food.com resolves to hostnamebar.com and that would confuse your friends.
Um, but I mean, in actuality, there's obviously an, an actual reasonable use for that.
I just happened not to use it that way.
I just always put my host and hostname as the same thing right now because I don't know.
I just never thought really to shorten things or make things easier.
So there you go.
That is, um, the config file for SSH.
It is not the one located in slash Etsy.
You do not need root privileges to edit that thing.
You can make your own little personalized config options right in your own dot SSH folder.
And of course, they'll kind of be portable now because you can just take your dot SSH folder
anywhere with you and then you'll always have the same, the same identity files and the
same, or rather, you know, the same options when you, when you use your SSH command, it
will point to all the right places.
So that's been kind of neat for me, like I say, it hasn't been, I wouldn't say it was
life changing by any, by any means, but, um, it has been quite nice.
It's been, it's been kind of helpful here and there.
So give it a try if you think that sounds useful.
I think that's about all I have to say on this subject.
So this has been Hacker Public Radio and, uh, again, my name is Clat 2 and I will talk
to you next time.
You've been listening to Hacker Public Radio at Hacker Public Radio dot org.
We are a community podcast network that releases shows every weekday, Monday through Friday.
Today's show, like all our shows, was contributed by an HBR listener like yourself.
If you ever thought of recording a podcast and click on our contributing to find out
how easy it really is, Hacker Public Radio was founded by the digital dog pound and the
infonomicom computer club and it's part of the binary revolution at binrev.com.
If you have comments on today's show, please email the host directly, leave a comment on
the website or record a follow-up episode yourself, unless otherwise status, today's show
is released on the creative comments, attribution, share a live 3.0 license.