SSH is one of the key tools used for modern web development but it's not very well known that ssh can be configured to make life easier. Modern applications often bear little resemblance to those that existed when ssh was developed so tweaking the default settings is increasingly important.


At work lots of our infrastructure sits in AWS where we run applications on autoscaled servers. We deploy very regularly and each deployment means completely replacing the application's servers. This undermines the public fingerprint check that ssh offers because you will likely only connect to each server at most once over its lifetime. AWS instances also have a default username. Typing ec2-user every time gets old fast.

SSH config

If you're running ssh on a UNIX server of some sort, you can create a config file in your ~/.ssh directory. I create a section in the config file for AWS servers that looks like the following:

Host ec2-*
  User ec2-user
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  LogLevel QUIET

Note: If you use Ubuntu instances the user should be ubuntu in place of ec2-user

The Host line scopes the following configuration to servers that match the pattern that follows. I've decided to match any server in the eu-west-1 region, your pattern will probably be different. You can match any region with something like ec2-*

We then provide the config for matching servers, first specifying the user as ec2-user. This will be used as the default user when a sshing to a server matching the Host pattern. The last three lines disable the public fingerprint check and make the console output a little less spammy.

Also useful for other servers!

Creating a good ssh config is always very useful so don't feel limited to doing this only for your AWS instances. I have quite a few server configurations that act as simple aliases for a server and user. Something like the following will save you lots of typing if you ssh to the machine quite a bit.

Host example
  User my-user

With this config in place, ssh example is equivalent to ssh

There's lots more you can do with your ssh config so have a look at the man page and let me know if you come up with something amazing.