Include files in your ~/.ssh/config

Recently as I was setting up my new rig (System 76 Galago Pro, review to come, I promise) I came to realize that my SSH config, ~/.ssh/config had turned into absolute bloatware.

There’s stuff in there from previous jobs and projects, stuff for servers that don’t exist anymore and worthless attempts to “organize” by adding comment headers.

It was a mess and I had to find a better way.

Fortunately a quick man ssh_config later and I had found a solution!

By the way, it’s worth noting that these days I have been doing my damnedest to leverage my local knowledge base (a/k/a man pages) before attempting to Google (ahem, DuckDuckGo) an answer.

So as it turns out, similar to your .gitconfig, your ~/.ssh/config can also support an “include” directive.

Said include directive can support file globs but I personally prefer to include files individually. This allows me to disable files down the road by commenting them out but also allows me to keep the files around for posterity.

Turns out I don’t version any of SSH files as it just seems like a security problem considering there are private keys in there but also certain configuration settings that I’d prefer that nobody openly knows about.

Okay, so this include directive doesn’t have much to it, simply use Include followed by a filename (relative to ~/.ssh) and you’re off to the races!

If you wanted to include all of the files in ~/.ssh/config.d you would add Include config.d/* to your configuration.

If you’re like me and want to group project stuff into individual files, you can include them individually with the path and filename: Include config.d/awesome-project

Not much to it but I couldn’t be happier as I now have a handful of smaller configuration files instead of one gigantic monolithic config!

Please keep in mind that the include directive is only available in OpenSSH version 7.3p1 and above.

Fortunately though, at least for the distros I personally run (Debian stable and Arch), OpenSSH is at 7.4p1 and 7.8p1 respectively.

With that, I did run into some issues with zsh on Debian that prohibits tab completion for hostnames that are contained in included files. Everything has been fine on Arch so I suspect it’s just an issue that needs to be waited out or I need to figure out how to installed a more modern zsh autocomplete implementation.