How to manage multiple ssh sessions with ease on Mac OS X

There are two ways I manage, or have seen people manage, SSH data:

Good 'ole, command line, plain text, ssh_config file.

Create a file called config inside ~/.ssh. You can specify global parameters by putting them above any host declarations. When I started using MacPorts, I had to explicitly define a default SSH Private Key to use automatically when connecting, so as the very first line of the file I put;

IdentityFile ~/.ssh/id_rsa

When you define custom rules for hosts (and you can even use * as a wildcard), it looks something like this:

Host prod-*
  User jason
  Port 2222
  LocalForward 5901 localhost:5901
  IdentityFile ~/.ssh/work-id_rsa

Then when I run ssh prod-script for example, all the rest of the rules get applied automatically.


A lot of people who don't want to manually manage all their stuff in such a cumbersome manner quickly find JellyfiSSH. (Mac App Store Link. The same people also became very annoyed when it stopped being downloadable for free.)

JellyfiSSH gives you GUI access to almost everything that can be specified in the command line or ssh_config file. JellyfiSSH is just a configuration storage app for organization purposes, because it generates the commands based off the options you set and upon clicking connect, opens a new terminal window with all of your options defined on the command line. JellyfiSSH is not a terminal app on it's own.


You can make files such as Example.command then make it executable: chmod 755 Example.command and double-click the file to open a connection:

#!/bin/sh

exec /usr/bin/ssh [email protected]

exit 0

If you just want to be able to connect from the command line using an alias (easy to remember word), you can set those up in ~/.ssh/config

Host foo
HostName some.really.long.hostname.here.com
Port 22
User bigfun

Then you can connect using the host foo

ssh foo

Or you can just make functions in your shell configuration file (~/.bashrc or ~/.zshenv):

s1 () {
    ssh -v [email protected]
}

then you can connect to example.com just by typing s1 at the command line, and it will use level 1 verbosity.

Lastly, you could use ssh auto-completion, but the syntax for that will depend on your shell of choice. A quick google for 'ssh autocomplete YourShellHere' should turn up some examples.

Use a passphrase and the OS X Keychain

The most important thing, IMO, is to setup ssh to work with a passphrase. OS X has great keychain integration built-in since Leopard.

ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "[email protected]"

cat ~/.ssh/id_dsa.pub | ssh [email protected] 'cat – >> ~/.ssh/authorized_keys'

(Source: http://www.paosborne.com/blog/?p=369.)

Then when you ssh to a new machine, the OS X keychain will prompt you for your ssh passphrase

See also http://www.dribin.org/dave/blog/archives/2007/11/28/ssh_agent_leopard/ for a fuller description. The article is older, but Lion works the same way.

Don't forget Dropbox

If you log into multiple machines, you can sync your ~/.ssh/config file via Dropbox. I keep mine in ~/Dropbox/etc/ssh/config.txt and then I do:

cd ~/.ssh
ln -s ../Dropbox/etc/ssh/config.txt config

I do the same thing as with my ~/.zshenv:

cd
ln -s Dropbox/etc/zshenv.sh .zshenv

In fact, I put all my shell scripts in ~/Dropbox/bin/ and added that to my $PATH too, just to cover all my bases.