Services Hosting & Servers Tools Blog Search Company TürkçeTR
Get a Quote

How does ~/.ssh/config work?

~/.ssh/config is the OpenSSH client's personal configuration file, read before every connection, letting you define per-server connection shortcuts. Each Host block is a pattern (wildcards supported) matched against the alias you pass to the ssh command; options underneath it — HostName, User, Port, IdentityFile, and others — are applied automatically whenever you connect with that alias. That means instead of typing ssh -p 2222 -i ~/.ssh/id_rsa deploy@203.0.113.10, you just run ssh myserver. The file can contain multiple Host blocks; for any given parameter, the value from the first matching block wins — later matching blocks do not override it.

IdentityFile points to your private key's path — its contents must never be shared with anyone or pasted anywhere; only the .pub public key is meant to be shared. ProxyJump (the config-file equivalent of the -J command-line flag) is the modern way to connect through a bastion/jump host, replacing older indirect tricks like ProxyCommand ssh -W %h:%p bastion or ProxyCommand nc %h %p. Finally, ~/.ssh/config itself must be chmod 600 (readable/writable by its owner only) — OpenSSH's "strict mode" checking will refuse or silently ignore config and key files that are writable or readable by group or other users, often with a "Bad owner or permissions" warning.

When should you use SSH Config Generator?

The KEYDAL SSH Config Generator tool is a browser-based utility that developers, system administrators, SEO specialists and enterprise technology teams use in their daily operations. It requires no installation, is free, and produces results instantly. It is designed so local teams can run audits without connecting to server environments and run analyses without touching production.

Typical scenarios include: post-migration verification, comparing domain or hosting providers, diagnosing customer issues, security auditing (pre-pentest reconnaissance), root-cause analysis of email deliverability problems, validating CDN or proxy configuration, surfacing technical audit data for SEO teams, and rapid information gathering during incident response. You can copy results as text and share them or paste them into internal documentation.

The KEYDAL infrastructure team provides web hosting, VPS, dedicated server management, server hardening, DNS configuration and SSL/TLS deployment services from Türkiye. Beyond these tools, we deliver server setup and operations support across Hetzner, OVHcloud, Contabo, DigitalOcean and Turkish providers.

Your queries are never stored on our servers

KEYDAL tools run stateless: domain names, IPs, URLs or other inputs are not persisted to any database. Logs are kept only for security purposes (rate limiting, abuse detection) and deleted within 30 days. For tools that handle sensitive data (tokens, API keys, JWTs), processing happens entirely in your browser — nothing is sent over the network. See our Privacy Policy for details.

All tools run over HTTPS with TLS 1.3 support. KEYDAL is a Türkiye-based technology company and complies fully with local data-protection regulations (KVKK) and GDPR principles.

You may also be looking for

The KEYDAL free tools collection includes DNS lookup, WHOIS lookup, SSL certificate checker, HTTP headers analyzer, IP geolocation, uptime checker, JSON formatter, JWT decoder, Base64 encode/decode, QR code generator, meta tag analyzer and robots.txt tester. All browser-based, free, no installation.

If you are comparing server prices, see our web hosting, VPS, VDS, cloud hosting, dedicated server and storage pages. See all tools →

WhatsApp