- command-line options
- If a configuration file is given on the command line (i.e., ssh -F
), the system-wide configuration file (/etc/ssh/ssh_config) will be ignored
Advantages of Using Configuration File
There are some advantages of using configuration file to specify ssh directives:
- Can use shorthand to avoid long keystrokes
- Avoid mistakes
- Especially when you have lots of parameters to be specified and/or some of them using non-standard connection values.
User's Configuration File
Here are the sample contents from a user's configuration file (i.e., ~/.ssh/config):
Host devInstead of specifying:
- ssh firstname.lastname@example.org -p 22000
now you can just use the shorthand "dev" and the options will be read from the configuration file:
- ssh dev
Ssh session normally will prompt you for a password. However, you can also set up public/private keys for password-less logins.
Format of Configuration File
To get you started, here are the basics:
- Separated by "Host" specifications
- A single ‘*’ as a pattern can be used to provide global defaults for all hosts
- See here for more information on patterns
- The matched host name is usually the one given on the command line
- Empty lines and lines starting with ‘#’ are comments.
- Host, Match, etc.
- Used to specify session details including:
- Bind address
- Address family
- “any”, “inet” (use IPv4 only), or “inet6” (use IPv6 only)
- Other options
- See the directive reference here
- Arguments are case-sensitive
- Arguments may optionally be enclosed in double quotes (") in order to represent arguments containing spaces.
/var/log/secure – This file contains all security related messages on the system. This includes authentication failures, possible break-in attempts, SSH logins, failed passwords, sshd logouts, invalid user accounts etc.
-rw------- 1 root root 3091237 Sep 14 11:54 secure
-rw------- 1 root root 2429153 Aug 18 01:50 secure-20130818
-rw------- 1 root root 4695728 Aug 25 03:29 secure-20130825
-rw------- 1 root root 12348973 Sep 1 02:24 secure-20130901
-rw------- 1 root root 7211819 Sep 8 01:22 secure-20130908
As shown above, old secure files are archived periodically with their name annotated with the date.
/var/log/messages – This file contains messages of various programs and services including the SSH server.[6,7] Old message files are also archived periodically with their name annotated with the date.
- How to Keep Alive SSH Sessions
- Simplify Your Life With an SSH Config File
- How do I set up ssh so that I don't have to use a password? (Xml and More)
- 20 Linux Log Files that are Located under /var/log Directory
- How do I debug SSH problems?
- Difference between /var/log/messages, /var/log/syslog, and /var/log/kern.log?
- Verifying SSH Key Fingerprint and More (Xml and More)