314

Say I want to configure my ssh options for 30 servers with the same setup in my .ssh config file:

host XXX
     HostName XXX.YYY.com
     User my_username
     Compression yes
     Ciphers arcfour,blowfish-cbc
     Protocol 2
     ControlMaster auto
     ControlPath ~/.ssh/%r@%h:%p
     IdentityFile ~/.ssh/YYY/id_rsa

where the only thing that changes between these 30 machines is XXX.

Instead than repeating the above structure 30 times in my config file, is there another way to define a range of machines?

6 Answers6

357

From the ssh_config(5) man page:

 Host    Restricts the following declarations (up to the next Host key‐
         word) to be only for those hosts that match one of the patterns
         given after the keyword.  If more than one pattern is provided,
         they should be separated by whitespace.

...

 HostName
         Specifies the real host name to log into.  This can be used to
         specify nicknames or abbreviations for hosts.  If the hostname
         contains the character sequence ‘%h’, then this will be replaced
         with the host name specified on the commandline (this is useful
         for manipulating unqualified names).

So:

Host XXX1 XXX2 XXX3
  HostName %h.YYY.com
187

To minimize the setup you can have a .ssh/config like this one

Host X01
    HostName X01.YYY.com

Host X02
    HostName X02.YYY.com

...

Host X01 X02 ...
     User my_username
     Compression yes
     Ciphers arcfour,blowfish-cbc
     Protocol 2
     ControlMaster auto
     ControlPath ~/.ssh/%r@%h:%p
     IdentityFile ~/.ssh/YYY/id_rsa

Host X01 X02 ... could be replace by Host * if every host have the following configuration

  • 8
    This seems to be the only answer that actually helps the OP (and myself). – Mad Physicist Sep 27 '16 at 19:59
  • 1
    What is the priority order? Is it just stuff defined later in the file overrides stuff defined earlier in the file? Like say I had "Compression no" under "Host X01", would that then be overridden by "Compression yes" under "Host X01 X02"? – Ben Farmer Feb 07 '18 at 13:39
  • 13
    From the ssh_config manual:

    Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end.

    – Guillaume Vincent Feb 07 '18 at 18:34
  • 2
    Can Host X01 X02 ... be replaced by *.YYY.com? That seems slightly more manageable if it works. – Michael come lately Sep 19 '19 at 20:46
  • I combined this answer with the one using %h and it works as a charm (I only had one hostname that needed to use an alias because too long. – mic May 06 '20 at 16:47
69

Simply use *

See man ssh_config:

PATTERNS A pattern consists of zero or more non-whitespace characters, ‘*’ (a wildcard that matches zero or more characters), or ‘?’ (a wildcard that matches exactly one character). For example, to specify a set of declarations for any host in the “.co.uk” set of domains, the following pattern could be used:

       Host *.co.uk

 The following pattern would match any host in the 192.168.0.[0-9] network range:

       Host 192.168.0.?

 A pattern-list is a comma-separated list of patterns.  Patterns within pattern-lists may be negated by preceding them with an
 exclamation mark (‘!’).  For example, to allow a key to be used from anywhere within an organisation except from the “dialup”
 pool, the following entry (in authorized_keys) could be used:

       from="!*.dialup.example.com,*.example.com"
  • Thanks! That seems to be what I need, but I still don't understand how to adapt it to my case. Do I use a question mark ? wherever I want it to be replaced by the pattern matched by the * sign? – Amelio Vazquez-Reina Jan 17 '13 at 18:59
  • 3
    Hmm. I think patterns serves a different purpose from what I need. They redirect multiple queries to the same config entry, but the parameters of the Host are fixed (i.e. patterns cannot be used to template the parameters). Am I wrong? – Amelio Vazquez-Reina Jan 17 '13 at 19:03
  • 7
    @user27915816 Yes, you are right, there is no way to do "templates" as far as I know. The best you can do is separate out the constant lines into a single Host * entry, and have a separate entry for each Host XXX that consists only of the parts that vary (i.e. the Hostname XXX.YYY.ZZZ line). – jw013 Jan 17 '13 at 19:47
  • This page is the top result (for now) when Googling "ssh config wildcards", so thanks for providing an answer that addresses that question. – vastlysuperiorman Sep 10 '18 at 19:00
  • For multiple hosts/patterns use Host a b c. Joining them with commas, as the doc snippet shows, will not work for the Host declaration. – rjh Aug 03 '23 at 14:36
19

From Ignacio Vazquez-Abrams and H.-Dirk Schmitt's answers, one can add the following to .ssh/config

HOST XXX*
    HostName %h.YYY.com
    User myname

and then, for example, you can login as myname@XXX2.YYY.com by

ssh XXX2
Vito Chou
  • 291
  • since XXX* implies XXX.YYY.com already, HostName should only be %h, not %h.YYY.com – biocyberman Feb 11 '19 at 09:15
  • 1
    @biocyberman XXX* implies XXX.YYY.com if and only if you type ssh XXX2.YYY.com instead of just ssh XXX2 – Vito Chou Jan 22 '20 at 12:45
  • 1
    If I'd like to add a prefix for these types of hosts, how could I remove the prefix from %h? For example, I'd like to use ssh Company-Machine to connect to machine.worpskace.something and ssh Company-Boss to boss/worpskace.something. The %h will be company-machine instead of machine. – TJM Sep 22 '21 at 20:19
11

this works for me:

CanonicalizeHostname yes
CanonicalDomains xxx.auckland.ac.nz yyy.auckland.ac.nz

host  *.xxx.auckland.ac.nz
   user myuser
host *.yyy.auckland.ac.nz
   user myuser

this allows one to use names within the domain and have the username changed:

bluebottle:~ user_one$ ssh itslogprd05
myuser@itslogprd05.xxx.auckland.ac.nz's password: 
1

The following way works.

Host 10.10.* 10.11.*
     User vagrant
edib
  • 127
  • 4