The OpenSSH client ssh reads its configuration options sequentially from the following sources:
Command line arguments which you specify when calling ssh (see "Starting the OpenSSH client application"), scp (see "scp - Secure copying of files between computers in the network") and sftp (see "sftp - Secure file transfer between computers in a network").
User-specific configuration file ($HOME/.ssh/config)
Although this file does not generally contain information which is relevant to security, read/write permission should only be granted for its owner. Access should be refused for all other users.
System-wide configuration file (/etc/ssh/ssh_config)
This file contains default values for configuration parameters
if no user-specific configuration file exists or
if the relevant parameters are not specified in the user-specific configuration file.
The first value found applies for each option.
Syntax and semantics of the ssh configuration files
The ssh configuration files must have the following format:
The configuration file is subdivided into one or more logical sections. Each section starts with a
Hostoption which is followed by configuration options which differ from theHostoption. The nextHostoption marks the start of the next section, and so on. A section’s configuration options are only relevant for computers whose names are specified in the associatedHostoption.In each line the configuration file contains: optional blank, followed by a keyword and associated argument/associated argument list.
The keyword and argument (list) can be separated by:
a blank
an optional blank and precisely one “=”
For keywords no distinction is made between upper and lower case. Arguments are case-sensitive; even “yes” and “no” must be entered in lower case.
Empty lines and lines beginning with “#” are interpreted as comments.
A detailed description of the configuration options is provided in the OpenSSH man pages.