Managing network devices via SSH typically involves remembering IP addresses, usernames, and sometimes non-standard ports. The SSH config file (~/.ssh/config) eliminates this overhead by defining named aliases with pre-configured connection parameters.
The Problem
Connecting to a MikroTik switch requires typing the full connection string each time:
ssh [email protected]
scp backup.rsc [email protected]:/
This becomes tedious with multiple network devices, each potentially having different usernames, ports, or key files.
Solution
Create an SSH config file with host aliases.
Setting Up SSH Key Authentication
Before configuring the alias, set up key-based authentication on the device:
- Copy the public key to the device:
scp ~/.ssh/id_rsa.pub [email protected]:will.pub
- SSH in and import the key:
- In RouterOS:
/user/ssh-keys/import public-key-file=will.pub user=will
/file/remove will.pub
Alternatively, import via WebFig under System > Users > SSH Keys.
Creating the SSH Config
Create or edit ~/.ssh/config:
Host mikrotik
HostName mikrotik.minoko.life
User will
Set appropriate permissions:
chmod 600 ~/.ssh/config
Usage
Connect with the alias:
ssh mikrotik
Run commands directly:
ssh mikrotik '/system/resource/print'
ssh mikrotik '/interface/print brief'
Copy files:
scp config.rsc mikrotik:/
Additional Options
The SSH config supports numerous parameters for different scenarios:
| Option | Purpose | Example |
|---|---|---|
IdentityFile | Specify SSH key | ~/.ssh/mikrotik_key |
Port | Non-standard SSH port | 2222 |
ServerAliveInterval | Keep connection alive | 60 |
LocalForward | Port forwarding | 8080 localhost:80 |
ProxyJump | SSH through bastion | bastion-host |
Example with multiple options:
Host mikrotik
HostName mikrotik.minoko.life
User will
IdentityFile ~/.ssh/id_rsa
ServerAliveInterval 60
Multiple Devices
Scale the config for an entire network infrastructure:
Host mikrotik
HostName mikrotik.minoko.life
User will
Host opnsense
HostName firewall.minoko.life
User root
Host proxmox
HostName proxmox.minoko.life
User root
Verification
Test the connection:
ssh mikrotik '/system/identity/print'
Expected output:
name: MikroTik
Summary
The SSH config file transforms verbose connection commands into simple aliases. Combined with key-based authentication, it provides secure, convenient access to network infrastructure without remembering IP addresses or credentials.