SSH Client Config File (~/.ssh/config) Tips

Created On: 2017-01-05 Updated On: 2019-12-11

SSH client is one of the common tools used on linux system. Its config file have some interesting use cases that may not be obvious to new users.

Define Host Alias

Host can be used to define host alias. You can define one or more alias for one hostname.

For example,

Host myserver

Host ipad

Now you can connect to the host using host alias on the command line:

ssh myserver
ssh ipad

Many tools that use ssh can accept host alias, such as git, rsync, fabric1.

rsync -air -n ~/myfiles myserver:/tmp/

Connect to Private IP Using a Gateway Server

If you have a ssh server running on a private network, usually you must first login to a gateway server that has both a public network and a private network. Using ssh config file, this process can be simplified.

Suppose you have a gateway server at and, a private server at You can define an entry for the private host like this:

Host pri
ProxyCommand ssh sshgw nc %h %p

Host sshgw

Now you can connect to private node directly on the command line:

ssh pri

Network traffic is still routed via the gateway server, but it's much easier for the user.

Connect to SSH Server Using Local socks5 Proxy

If you have host that is blocked by GFW, or should be accessed via a socks5 proxy, you can config ProxyCommand for the host.

Suppose your socks5 proxy server runs at

Host some-host-or-ip
ProxyCommand /bin/nc -X 5 -x %h %p

Similarly, if you have a https proxy at, you can use

ProxyCommand /bin/nc -X connect -x %h %p

For more information, see man nc.

Config Default Ports For All Hosts

In some environment, ssh server is configured to not listen on default port 22. In such case, you can config a default port for all hosts:

Host *
Port 9632

Now you don't need to explicitly use -p parameter on the command line.

If you manage more than 1 environment, you may learn more about host pattern matching. You can use '*' and '?', and match on hostname or ip address. You can read more about that in man ssh_config.



Requires env.use_ssh_config = True, see

Is this post helpful?