The OpenSSH Client Config File: Simplify your SSH Connections

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] hello again everyone and welcome back in today's video we're going to cover the client config file for openssh and this is very useful because if you have a bunch of servers that you connect to regularly like i do then the config file can be a great way to simplify these connections and actually help you to remember them i mean can you remember the ip addresses and the fully qualified domain names of every single server that you connect to i doubt it because as administrators will often connect to tens or hundreds or maybe even thousands of servers and having a config file that can help us remember and simplify these connections is definitely a great way to go speaking of a bunch of linux servers definitely check out lenode the sponsor for today's video you could use their service to set up your very own cloud linux server with a hundred dollars in free credit if you use the url that's on the screen right now that'll start your new account and give you access to their platform using the node's platform you can set up your very own linux servers like i mentioned they have all kinds of distributions there you can set up a wordpress site a minecraft server check out their kubernetes platform and they recently enabled auto scaling as well which is a great feature it could do horizontal auto scaling which means new servers can come online as your load increases so definitely check out lenot i really appreciate them sponsoring today's video they are awesome now before we get started and create our very own client config file for openssh i want to point you guys to the existence of a very special video that i've done and that video goes over openssh in great detail i'll leave a card for that video right about here and definitely check out that video if you want to learn more about openssh especially if you have no idea what i'm talking about then that video will teach you all the things about openssh now with all that out of the way let's go ahead and create our very own client config file for openssh alright so here on my laptop i have a terminal window open and i'm ready to go for this video i've set up three servers for three hypothetical companies the scenario is that we're a linux administrator and we have multiple accounts to manage and the three hypothetical companies that i've created servers for include acme shinra and skynet bonus points if you know the fandoms that the latter two are from let me know in the comments down below anyway as you probably already know connecting to a server via ssh is pretty straightforward we just type ssh and then the username at and then the fully qualified domain name or ip address in this case the fully qualified domain name for acme is acme.learnlinux.cloud so when i press enter it's going to first make sure that i actually want to connect to this server the ssh client is showing this message because i've never connected to this particular server before so what i'll do is i'll just type yes to confirm that i really want to connect to the server and then i'll press enter and then i'll type in the password and i'm in and i'm sure what you've seen so far is nothing new for many of you because you probably already know how to use ssh to connect to a one-off server but things are going to get a little bit more interesting as we connect to the other two servers so i'll just hold ctrl press d to disconnect from this one and let's connect to the second one so for that i'm going to run ssh yet again but this time the username of j is not on that server instead the username for skynet is admin so i'm going to connect to the server skynet.learnlinux.cloud as the user admin so i'll press enter same thing again here i'll say yes and then i'll type in the password and now i'm in now what's unique about skynet is that the username that i'm using for the ssh connection is not my own i used admin and the username here on my laptop is j so i'll disconnect and as you can see i'm logged in as j and i didn't even need to run that command because right here it shows the username at the beginning of the prompt now the reason why i'm mentioning this is because if i was to ssh into the original server the first one acme if you recall the command was ssh and then my username of j at and then acme.learnlinux.cloud now the thing is as you probably already know i can take off the username here because if i don't include a username at all then the ssh client is going to assume that the username on the target is the same as my local username and since they are a match i actually don't have to type my name i could simplify it down to ssh and then the fully qualified domain name so i left off the username and that's one less thing that i have to type so that's pretty cool so i'll type in the password and now i'm in now if i was to try that same thing on the second server and i'll leave off the username of course this won't work press enter i'll type in my password and of course it's failing and it's probably obvious why it's failing the username of j does not exist on the target server i should have used admin so i'm not able to simplify the command down to just the fully qualified domain name when i go to connect to it because the username is not the same on the target and now when i connect to the third server things get even more interesting check this out i'll use ssh and i use dash p that stands for port port 22 22 and then the username on that server is root and the fully qualified domain name is shinra dot learn linux dot cloud so i'll press enter i'll type in the magic password and now i'm in so with the command that we've just run we're using ssh as normal by default if you don't tell the ssh client that the target is using a different port it's going to assume the default of port 22. that's the default port for all the ssh servers out there by changing the port number you're making it a little bit harder for people to guess how to get into your server it's not really going to slow them down all that much but it's an easy change to make and it looks like shinra decided to run their ssh server on port 2222 which is why i needed to give it that option again without that option the ssh client is going to assume that i want to use the default of port 22 and that's why that worked so at this point we have three different servers and each one needs different parameters for me to connect to them and that could get a little confusing to try to remember those details i mean yeah i could include some of those details in documentation or something like that but there has to be a better way and of course there is if we create a config file for the local ssh client we can actually simplify most if not all of the parameters that we might use to connect to a server now if i list the storage for the dot ssh directory in my home directory i only have one file in there known hosts when it asked me at the beginning are you sure you want to connect to the server the reason why it knew that i hadn't connected that server before is because there wasn't an entry in the known host file that had the fingerprint of that server but after i connect for the first time it's going to save that fingerprint that's what the known host file is for again check out the ssh video that i've done if you want more information on that but also inside this folder we could include a config file for openssh it's not there by default but if there is a config file there named config then the ssh client will attempt to use it so let's go ahead and create the config file so what i'm going to do is just use nano it doesn't matter which text editor you happen to use and what we'll do is we'll save it in our dot ssh directory under the name of config and here it is so on the very first line what i'm going to do is type the word host with a capital h and for the host i'm going to call it just simply acme on the next line i'm going to press space twice it really doesn't matter you could do tab or four spaces whatever you want to do but i just want some indentation here to separate the options from the name of the host in this option here i'm going to call it hostname and what i'll set the hostname to is acme.learnlinux.cloud just like that now if you don't have a fully qualified domain name like i do then what you could do instead is just include the ip address here for the hostname parameter instead and that works just fine you don't have to have a fully qualified domain name but if you do it makes it that much easier i'll change it to the ip address here in a moment but let's go ahead and save the file in the case of nano that's controlling an o to bring up the save dialog i'll press enter and then ctrl x to exit out so now let's go ahead and connect to that acme server yet again but this time i'm going to type ssh and then acme i'm going to simplify it down to just that i'll press enter i just typed in the password i'll press enter again and here we are we're connected to the server that's pretty cool ctrl d to log out and as you can see i used simply ssh and then acme to connect to that server now let's take another look at that file and change it up a little bit to help you guys understand more about how this file works in case you don't already so i'll just use nano i'm going to open up that same file yet again and here it is what i'm going to do is change the name just randomly i'll just call it potato i don't know why maybe i'm just hungry and then for the host name what i'm going to do is change that to its ip address so now i changed the name of the host and i included the ip address for acme as well instead of the fully qualified domain name so i'll go ahead and save and close the file then we'll type ssh and then potato now notice that even though i type potato it's showing the ip address here which is pretty cool and now i'm in now as you can see right here the host name for the server that i just connected to is acme so the takeaway here is that it really doesn't matter what you call the host it doesn't have to match the actual name of the server this is not actually for the server this is for you this line right here that says host is specifically for you to create a nickname for the server something to refer to it by you type whatever you want it really doesn't matter what actually matters is that the host name is correct because that's the part that actually points the client to the proper server you could use the ip address right here as i have it or like i did earlier you can include the fully qualified domain name as well and that works just fine now let's go ahead and take this to another level and add some more configuration to this file i'm going to close it for now so this is the command right here that we used to connect to the skynet server as you can see it's using a different username a username of admin instead of my local username of jay so what i want to do is add this server to the config file as well so that way i don't have to remember which username i'm supposed to be using i want to basically set that ahead of time in the config file so let's bring that back up and we'll go all the way to the very end of the file and then i'll add a line break here to separate the first host section from the second one that i'm about to create and i'll change this back to acme so that way things don't get confusing but anyway the second server is skynet and now for the host name i'll type the fully qualified domain name for this one and there it is but what i'm going to do now is add another configuration option and that is going to be user with a capital u and then i'm going to set the username to admin so let's save the file and then we can simply run ssh and then skynet notice that i didn't type the fully qualified domain name and my local username of j doesn't exist on that server i should have typed admin at and then the fully qualified domain name but i didn't type that either let's see what happens so i typed in the password and now i'm in and the ssh config file allowed me to simplify the connection to this server quite a bit because i don't have to type the fully qualified domain name and i don't have to type the username either so even then i'm able to simplify this down to just ssh and skynet which is a lot easier for me to remember so what i'm going to do now is bring up the command that we used to connect to shinra and here it is not only do we have a different username with this one we also have a different port number as well so there's a little bit more going on with this one so let's go ahead and just add this to the config file as well and see how we can simplify this connection and here we have our ssh client config file then i'll add a line break we'll add shinra to our config file and for the host name that's going to be shinra.learnlinux.cloud the user is going to be root this time around and then the new option that i'm going to add is port with a capital p i'm going to set that to 2222. so now i no longer have to remember the username or the port for this connection and this config file will allow me to refer to it simply as shinra and all of these options are going to apply and the way that this is actually working is if you use the ssh command to connect to a server it's first going to check if you have a config file or not if it does find one it'll use it and if there's a match to what you're typing as the target server that matches in this file right here it's going to apply the parameters so if i was to type something else like genre2 or something like that then this will not match because that's not the same server name now as an aside you could also do something like this and put a star at the end of it that way if you have servers like shinra 1 shinra 2 and so on it'll match all of them but if you don't include an asterisk then it's going to expect an exact match which is why if i typed shinra 2 it would match here but if i type shinra then it will anyway let's go ahead and see it in action we'll save the file and then i'll type ssh and then shinra just like that and i'm in i didn't need to remember the username or the port number i put all of those things in the config file and now i can simplify that connection down to just two keywords and i'm good to go and that's all there is to it there's actually more parameters that you can include in your config file that i'm going to leave out of this particular video because i'm going to be doing another video that's going to build on this one so i feel like for now that's probably good enough as you can see using an ssh config file greatly simplifies your connections it can make it a lot easier for you to remember the parameters for all of your servers because well you don't have to remember them you can just include all the parameters in the config file and then at that point it makes everything a lot easier if you like this video please click that like button i would really appreciate that and i would also appreciate it if you subscribe to this channel because i have some awesome content coming very soon thank you so much for watching [Music] so [Music] you
Info
Channel: LearnLinuxTV
Views: 8,824
Rating: undefined out of 5
Keywords: Linux, Tutorial, Howto, Guide, Learn Linux, open-source, open source, gnu/linux, ssh, openssh, config file, client config, .config, ssh config, ssh howto, tutorial, ssh tutorial, open source software, learn linux tv, ssh server, command line, secure shell (protocol), linux ssh, secure shell, linux tutorial, configure ssh, secure shell tutorial, ssh keys, secure shell explained, linux ssh server, linux ssh configuration, linux ssh client, ssh configuration, ssh config file ubuntu
Id: MWqfc_fegVg
Channel Id: undefined
Length: 17min 23sec (1043 seconds)
Published: Thu Nov 18 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.