Table of Contents

ssh - How to configure ssh in Linux (sshd_config, ssh_config)



[Server Side Configuration] /etc/ssh/sshd_config

configuration of ssh deamon

Configuration Explanation
UseDNS no
PermitEmptyPasswords no
PermitRootLogin no
PasswordAuthentication yes yes or no

Allow SSH password authentication for specific users only

Match User user1,user2,user3
  PasswordAuthentication yes


[Client Side Configuration] /etc/ssh/ssh_config or ~/.ssh/config

$ vi ~/.ssh/config
$ chmod 600 ~/.ssh/config
Configuration Explanation
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null Ignore “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!”
ServerAliveInterval 15
LogLevel error Ignore “Warning: Permanently added the ECDSA host key for IP address 'X.X.X.X' to the list of known hosts.”

Example

Example1
###################################
# Common Configuration
###################################
# Don't listen yes/no.
StrictHostKeyChecking no
# Ignore "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"
UserKnownHostsFile=/dev/null
ServerAliveInterval 15
LogLevel error


###################################
# ssh test1
Host test1
    HostName 192.168.100.100
    User user2
    IdentityFile ~/.ssh/test.privatekey

Example2
# Don't listen yes/no.
host *
     StrictHostKeyChecking no

     # Ignore "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"
     UserKnownHostsFile=/dev/null

     ServerAliveInterval 15
Example3
host ALIAS
   HOSTNAME  IP or FQDN
   IdentityFile   PRIVATE-KEY-FILE


# ssh test1
Host test1
    HostName 192.168.100.100
    User user2
    IdentityFile ~/.ssh/test.privatekey

# ssh test2
Host test2
    HostName 192.168.100.100
    IdentityFile ~/.ssh/test.privatekey
    User user1
    ProxyCommand connect -H 192.168.0.10:9999 %h %p

# ssh test-server1, test-server2
Host test-server*
    user=user1
    IdentityFile ~/.ssh/test.privatekey


Host 192.168.0.100 test-server1
    IdentityFile ~/.ssh/privatekey


Host 192.168.0.100 192.168.0.101
    HostName 192.168.0.100 192.168.0.101
    IdentityFile ~/.ssh/privatekey





Linux