Advanced client configuration

SSH clients can be extensively configured, with caution.

Motivation

SSH clients can be configured through the configuration file ~/.ssh/config.

An example of this is demonstrated in the earlier page Set up an SSH key pair.

Some configuration settings are specific to individual operating systems. In the sections below, we provide a series of examples for the purpose of illustration and documentation.

Importantly, all the configuration parameters presented in this page are all optional. They are presented here for the purpose of information and help. We do not recommend configuring any of those parameters in your own environment unless you identified the need for them.

Examples

Windows

Host *
    IdentityFile ~/.ssh/id_ecdsa
    Port 22
    Protocol 2
    TCPKeepAlive yes
    ServerAliveInterval 300
    ServerAliveCountMax 2
    Compression yes

See the Cheatsheet section below for information about individual settings.

macOS

Host *
    IdentityFile ~/.ssh/id_ecdsa
    Port 22
    Protocol 2
    TCPKeepAlive yes
    ServerAliveInterval 300
    ServerAliveCountMax 2
    Compression yes
    XAuthLocation /opt/X11/bin/xauth
    # macOS only
    AddKeysToAgent yes
    UseKeychain yes
    PubkeyAuthentication yes

See the Cheatsheet section below for information about individual settings.

Cheatsheet

All operating systems

OptionDescrition
IdentityFilePath to the private SSH key file on your personal computer.
PortPort number to connect on the remote host (default: 22).
ProtocolProtocol version of SSH to use.
TCPKeepAliveWhether TCP keepalive messages are regularly sent, which is useful to notice if the connection dies at any point.
ServerAliveIntervalTimeout interval in seconds after which the client will request a response from the server if no data has been received recently.
ServerAliveCountMaxNumber of server alive messages which may be sent to the server without receiving any reply before ssh disconnects from the server.
CompressionWhether to use compression.

macOS settings

OptionDescrition
AddKeysToAgentWhether keys should be automatically added to a running ssh-agent.
UseKeychainWhether passphrases are stored in the keychain.
PubkeyAuthenticationWhether to try public key authentication using SSH keys.
XAuthLocationFull pathname of the xauth program.

More information about fields that may be configured for macOS is available on the page OpenBSD manual page server →.

More information on the field UseKeychain is available on the page Technical Note TN2449 →.