Intro
When you need access to a host or instance, you usually need some kind of authentication, whether that is a password or a key file, along with a username. Using a username and password is relatively straightforward, but using a key file can be a bit fiddly, especially if you haven’t used one in a long while.
What we’ll do in this guide is set you up with an SSH host/config file to allow you easy access, every time, to your hosts or instances. If you’re connecting to a host on a regular basis, this should save you time in the long run.
When you use SSH via terminal for the first time on your machine, it automatically generates an SSH directory at ~/.ssh. If the directory was never generated, run the command below from your shell/terminal.
mkdir -p ~/.ssh && chmod 700 ~/.ssh
Following this, you may also need to create the SSH configuration file. Have a look in your ~/.ssh directory and, if the config file doesn’t exist, create it using the command below:
touch ~/.ssh/config
## make the file readable/writable by the user only
chmod 600 ~/.ssh/config
SSH config file structure
A typical config file looks something like this:
Host hostname1
    SSH_OPTION value
    SSH_OPTION value
Host hostname2
    SSH_OPTION value
Host *
    SSH_OPTION value
What you’re typically doing is creating a list of known hosts in a config file, with certain criteria required for each entry. Indentation isn’t required, but does make it easier to read.
For these examples, I’ll demonstrate configuration for utilising a key file based entry and a host with basic configuration. In regards to SSH key files, it’s probably best to store them either in the root of the ~/.ssh directory, or a subfolder in the ~/.ssh directory.
On your command line in the ~/.ssh directory, run the command $ nano config. I chose nano, you can choose whatever terminal editor you’re comfortable with. (To exit nano, hold ctrl and hit X, save, and exit)
Example 1 - Basic host configuration
Host hodor
    HostName 192.168.1.100
    User ubuntu
    Port 22
All we’re doing in this is stating that the host is named “hodor”, the HostName is the host IP, User is the username required for login/ auth, and a port of 22.
Now, to ssh to the host, instead of calling $ ssh ubuntu@192.168.1.100, we can now simply run $ ssh hodor.
ssh hodor
ubuntu@192.168.1.100's password:
Example 2 - Host with key file
Before doing this, ensure you can access your host via normal methods with your key file.
ssh -i /path/to/keyfile.pem ubuntu@192.168.1.100
You may get a response from the command like the following:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'keyhole.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
You’re seeing this because the key file’s permissions are too open: other users on your machine can read it, which isn’t a great thing by any stretch. So we need to lock this down so that only you can access and use the key.
To do this, run the following:
sudo chmod 600 /path/to/keyfile.pem
Complete. Now let’s move onto creating the entries for this host.
Host hodor
    HostName 192.168.1.100
    User ubuntu
    IdentityFile ~/.ssh/keyfile.pem
    Port 22
Exit out and save.
Now, instead of typing out that long command from earlier to ssh with a key file, you can simply type:
ssh hodor
..and you’ll be taken straight to your instance secured with your key file.
Easy as that!
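To check the permissions this guide sets up (700 on ~/.ssh, 600 on the config file and on each key named by an IdentityFile line), here is an added shell helper that is not part of the original post; it reports any path that group or other users can access. The function names are hypothetical, and it assumes whitespace-separated IdentityFile lines whose paths contain no spaces.

```shell
#!/bin/sh
# Added example. check_private and audit_ssh_perms are hypothetical helper
# names, not OpenSSH tools.

# Report whether group/other hold any permission bit on $1. Reads the mode
# string from `ls -ldL` (e.g. -rw-r--r--), so it works on GNU and BSD systems.
check_private() {
    [ -e "$1" ] || { echo "MISSING  $1"; return 1; }
    mode=$(ls -ldL "$1" | cut -c1-10)
    case "$mode" in
        ????------) echo "OK       $mode $1" ;;
        *)          echo "TOO OPEN $mode $1"; return 1 ;;
    esac
}

# Audit an SSH directory (default ~/.ssh): the directory, its config file,
# and every key file named by an IdentityFile line in that config.
# Returns 0 only when nothing is missing or too open.
audit_ssh_perms() {
    dir=${1:-$HOME/.ssh}
    bad=0
    check_private "$dir" || bad=$((bad + 1))
    check_private "$dir/config" || bad=$((bad + 1))
    # The keyword is case-insensitive in ssh_config, so compare in lower case.
    keys=$(awk 'tolower($1) == "identityfile" { print $2 }' "$dir/config" 2>/dev/null || true)
    for key in $keys; do
        # ssh expands a leading ~/ to the user's home directory; do the same.
        case "$key" in "~/"*) key="$HOME/${key#"~/"}" ;; esac
        check_private "$key" || bad=$((bad + 1))
    done
    [ "$bad" -eq 0 ]
}
```

Run audit_ssh_perms with no argument to check ~/.ssh; a non-zero exit status means at least one path is missing or needs its permissions tightened with chmod.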
Any questions, please let me know in the comments.