Skip to content

bencromwell/sshush

BranchesTags

Repository files navigation

sshush

Full docs can be found here: https://sshush.bencromwell.com

Intro

Sshush takes a bunch of YAML and produces an SSH config file.

Default Paths

  • Source: ~/.ssh/config.yml
  • Destination: ~/.ssh/config

Premise

I wanted a way to manage my SSH config file based on inheritance.

This lets you group together hosts and common options, that can be optionally and selectively overridden.

For example:

  • All my servers at cloud provider have the same port.
  • All my servers at other cloud provider share a common username.
  • All my local Unifi devices share a specific SSH key.
  • All my ancient Cisco hardware at work shares an outdated Cipher configuration.

Installation

Download a release from the GitHub releases page. Place it somewhere in your $PATH.

Configuration

Globals

Options that apply to the catch-all Host *.

Defaults

Basic options such as a default User or IdentityFile.

Can be overridden by group or individual host entries.

Example

This example demonstrates global and defaults:

---
global:
  UseRoaming: "no"

default:
  User: ben
  IdentityFile: ~/.ssh/id_rsa

web_servers:
  Config:
    Port: 2201
    IdentityFile: ~/.ssh/digital_ocean
  Hosts:
    projects-do-1: projects-do-1.example.com
    projects-do-2: projects-do-2.example.com
    projects-aws:
      HostName: projects-aws.example.com
      IdentityFile: ~/.ssh/aws

raspberry_pis:
  Config:
    User: pi
  Hosts:
    pi1: 192.168.0.107
    pi2: 192.168.0.108

local:
  Hosts:
    router:
      HostName: 192.168.0.1
      User: root
    kodi: 192.168.0.200

work:
  Config:
    User: bcromwell
  Hosts:
    workpc: 10.0.0.80
    gitlab: 10.0.0.30
    jenkins: 10.0.0.20

This results in:

# Generated by sshush v2.1.0
# From path/to/readme.yaml

# web_servers
Host projects-aws
    HostName projects-aws.example.com
    IdentityFile ~/.ssh/aws
    Port 2201
    User ben

Host projects-do-1
    HostName projects-do-1.example.com
    IdentityFile ~/.ssh/digital_ocean
    Port 2201
    User ben

Host projects-do-2
    HostName projects-do-2.example.com
    IdentityFile ~/.ssh/digital_ocean
    Port 2201
    User ben

# raspberry_pis
Host pi1
    HostName 192.168.0.107
    IdentityFile ~/.ssh/id_rsa
    User pi

Host pi2
    HostName 192.168.0.108
    IdentityFile ~/.ssh/id_rsa
    User pi

# local
Host kodi
    HostName 192.168.0.200
    IdentityFile ~/.ssh/id_rsa
    User ben

Host router
    HostName 192.168.0.1
    IdentityFile ~/.ssh/id_rsa
    User root

# work
Host gitlab
    HostName 10.0.0.30
    IdentityFile ~/.ssh/id_rsa
    User bcromwell

Host jenkins
    HostName 10.0.0.20
    IdentityFile ~/.ssh/id_rsa
    User bcromwell

Host workpc
    HostName 10.0.0.80
    IdentityFile ~/.ssh/id_rsa
    User bcromwell

# Global config
Host *
    UseRoaming no

Notes

This was originally written in Python, which can be found in the 1.x branch.

About

SSH config management from YAML files, with groups

sshush.bencromwell.com/

Topics

ssh ssh-config

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 10

v2.1.0 Latest
Aug 31, 2025
+ 9 releases

Contributors 2

Languages