Client Configuration
Published on 10 Mar 2004Tags #SSH
The most common use of the SSH client configuration in ~/.ssh/config
is the definition of aliases for host with special requiements.
Host ALIAS
HostName HOST
Port 12345
There are a few options that you should be aware of which can all either appear in a host section or globally.
-
Security: The
CheckHostIP
option will provide some protection against ip spoofing whereas theStrictHostKeyChecking
(no, ask, yes) command can even provent host key to be added to your~/.ssh/known_hosts
.CheckHostIP yes StrictHostKeyChecking ask
-
Forwarding agent connections: Whether this is enabled or not is controlled via the
ForwardAgent
option. See also agent forwarding. -
Forwarding ports: These are defined via the
ForwardLocal
and theForwardRemote
options. For details see port forwarding. -
Forwarding x11 connections: Whether this is enabled or not is controlled via the
ForwardX11
option. -
Authentication: It depends on your setup whether you intent to allow both methods of authentication on a host-per-host basis or globally. The following example contains the default settings:
PasswordAuthentication yes PubkeyAuthentication yes
-
rhost or shost authentication: This is evil. Don’t use it.
HostbasedAuthentication no RhostsRSAAuthentication no
See also: escape characters