Preamble
I’m slightly embarrassed to admit this, but it was a long time before I figured out how amazing this little file is and how exactly to put it to good use. The file I’m talking about is the SSH config file. By default, when you first connect to a server via SSH, you need to provide 3 things:
- username
- destination (domain name or IP address)
- authentication
And typically, if you don’t have a custom SSH config file set up, you’ll be prompted for a password. And depending on the administrator or owner of the server, that password can be pretty complex and annoying to enter every single time you want to connect. This is especially annoying if the server kicks you for inactivity every 10 minutes or so (because I’m writing code or researching while I have an open SSH connection). In some special scenarios that annoyance can compound to the point of impracticality. For example, in situations where you need to push a codebase to multiple destinations.
Generate SSH Key Pair
In order to alliviate our password pain point, we’re essentially going to automate step 3, authentication. And instead of providing a password, we’re going to use an SSH key pair. But before we can do that, we’ll need to generate one. To do this, we’ll be using a command line tool calledssh-keygen
ssh-keygen
uses a few cryptographic algorithms in order to generate your key pairs. Entire college courses can be written and taken on the subject of cryptography, but for the sake of brevity, rsa
is one you’ll see around a lot, it’s pretty common, but becoming less recommended. If your server supports it, from what I understand, it’s best to go with something like ed25519
. To generate your SSH key pair, run the following:
ssh-keygen -t ed25519 -f ~/.ssh/filename
The -t
flag allows you to choose the type of key to be generated, while the -f
flag allows you to set the filename of the resulting key.Upload Public Key
Depending on your hosting provider, the upload procedure may be different for different hosts, but the important thing is to only upload your public key. Typically, in various technical documentations, they’ll suggestcat
ing out the contents of your public key with something like cat ~/.ssh/filename.pub
. And yes, if it’s in your hosting providers official documentation, I’d recommend going with that. However, I did want to make note of a pretty cool tool I discovered while researching this.authorized_keys
. This is a special authorization file that stores login credentials for specific users. So in this case, an easier technique than copy/pasting from your public key into the authorized_keys
file (which you can still do) is use the ssh-copy-id
command like so:
ssh-copy-id -i ~/.ssh/filename.pub user@remoteserver
The -i
flag designates an input file (public key) and the final argument is the ssh connection you want to set up, so user@host
. This will automatically copy the contents of the public key and paste it into the authorized_keys
file! Be sure to connect after running this command and confirm the correct key is in authorized_keys
Create or Edit your SSH Config File
While, yes, technically you can call it quits after your public key is server-side, and you can connect without using a password. But this is still kinda annoying if your hostname is super long. How wants to type ssh user-2flis9vgsdf@9v0asdles.hostname.io
just to connect without a password? Who can even remember that? This is where the config file becomes your best friend.
If you don’t have an SSH config file (you’ll probably know if you do or not. If you have one, you likely created it yourself). Either way, you can check if a config file exists by listing the contents of your .ssh
directory like ls ~/.ssh
. If you see a file named config
, then you have one. Otherwise, you can create one with touch ~/.ssh/config
and open it with your favorite text editor.
Using our example above, let’s create a config for ssh user-2flis9vgsdf@9v0asdles.hostname.io
and let’s assume we generated an ssh key for this host that’s called hostname
.
ssh user-2flis9vgsdf@9v0asdles.hostname.io
, all we have to do is type ssh hostname-staging
and boom. That’s it. You’re connected. No passwords. No hassle. One-time setup that makes future connections easy and fast.