SSH client configuration - Multiple servers and different keys

If you just like me daily connect to multiple SSH servers, then I have a tip for you.

Typically when you connect to a server via SSH you enter a username, hostname and a password or a key. Maybe even a port number.

$ ssh user@host

There is an easier way! The SSH client is configurable. You can set up all this information in advance and just tell the client which configuration to use.

Scenario

John Doe has three servers that he usually connects to. He has his own private server doe.tld with the SSH server listening to port 1337 and two company servers server1.company.tld and server2.company.tld. He has no keys yet, but want one for the private server and one that can be used to access both the company servers.

Solution

Let's start with the keys. He needs two keys.

$ ssh-keygen -t rsa -C "john@doe.tld"
$ ssh-keygen -t rsa -C "john.doe@company.tld" -f ~/.ssh/company

He now has two keys. One for the private server and one for the company servers.

$ ls ~/.ssh/
company  company.pub  id_rsa  id_rsa.pub

Now the keys need to be placed in the authorized_keys file on all servers.

$ scp ~/.ssh/id_rsa.pub john@doe.tld:
$ ssh john@doe.tld 'cat id_rsa.pub >> ~/.ssh/authorized_keys'
$ scp ~/.ssh/company.pub johndoe@server1.company.tld:
$ ssh johndoe@server1.company.tld 'cat company.pub >> ~/.ssh/authorized_keys'
$ scp ~/.ssh/company.pub johndoe@server2.company.tld:
$ ssh johndoe@server2.company.tld 'cat company.pub >> ~/.ssh/authorized_keys'

And now the contents of the configuration file ~/.ssh/config.

Host myserver
Hostname doe.tld
Identityfile ~/.ssh/id_rsa
User john
Port 1337

Host s1
Hostname server1.company.tld
Identityfile ~/.ssh/company
User johndoe

Host s2
Hostname server2.company.tld
Identityfile ~/.ssh/company
User johndoe

He can now use a configuration by passing the name (Host) as the only argument to the ssh client.

$ ssh s1

Note: You can set this up without keys and just use passwords, but I strongly recommend using keys.