OpenSSH /etc/ssh/ssh_config

Authentic ๐Ÿ“‹ Ubuntu 22.04 LTS (Jammy Jellyfish) 54 lines

Compatibility

Currently viewing:
Ubuntu 22.04 LTS (Jammy Jellyfish)
Also compatible:
Debian 11 (Bullseye) Debian 12 (Bookworm)
Different versions:

File Info

Size
54 lines
MD5
8a5bddc82befb71d8ef34cc903d3d077
SHA256
430210df52a502b2be267a69a3163e80d9fd0a5f3e2a0d3b520408964ff778fd

Quick Commands

curl:
curl https://exampleconfig.com/api/v1/config/original/8a5bddc82befb71d8ef34cc903d3d077?hint=ssh_config
wget:
wget -O ssh_config https://exampleconfig.com/api/v1/config/original/8a5bddc82befb71d8ef34cc903d3d077?hint=ssh_config
/etc/ssh/ssh_config
# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Include /etc/ssh/ssh_config.d/*.conf

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#   UserKnownHostsFile ~/.ssh/known_hosts.d/%k
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes

How to Install OpenSSH

Alpine Linux

sudo apk add openssh-server

Debian

sudo apt update && sudo apt install openssh-server

Red Hat Enterprise Linux

sudo yum install openssh-server

Ubuntu

sudo apt update && sudo apt install openssh-server

Configuration File Location

File Path
/etc/ssh/ssh_config
Directory
/etc/ssh/
Significance
System-wide configuration directory
Description
Files in /etc/ contain system-wide configuration settings that affect all users.

Complete OpenSSH Configuration Guide

What is ssh_config?
Get the original 'ssh_config' (sshd_config) configuration file from a fresh OpenSSH installation on Ubuntu 22.04 LTS (Jammy Jellyfish). This is the factory-default SSH server configuration, crucial for security hardening, remote access troubleshooting, and understanding baseline security settings.
Technical Details
Located at '/etc/ssh/ssh_config', this 54-line file controls authentication methods, encryption algorithms, key exchange protocols, and access controls. Secures millions of servers worldwide and is the foundation for secure remote administration, file transfers, and automated deployments.
Common Configuration Question
How do you configure OpenSSH for maximum security, key-based authentication, and compliance on Ubuntu 22.04?
Why Use This Configuration?
This default configuration includes modern cipher suites, authentication controls, and security best practices. Essential for security professionals, system administrators, and DevOps engineers managing secure remote access to production systems.

Frequently Asked Questions

When should I use this ssh_config file?

Use this original configuration file when you need to restore OpenSSH to its default state after misconfiguration, during fresh installations, or as a baseline for customization. It's particularly useful for troubleshooting when your current config isn't working properly.

How do I restore OpenSSH to default settings?

Download this file and replace your current configuration at /etc/ssh/ssh_config. Make sure to backup your existing configuration first, then restart the OpenSSH service to apply the changes.

Is this ssh_config file secure for production use?

This is the factory-default configuration that ships with OpenSSH on Ubuntu 22.04 LTS (Jammy Jellyfish). While it provides a secure baseline, you should review and customize security settings based on your specific production requirements and compliance needs.

What's the difference between this and other OS versions?

This configuration is specifically from Ubuntu 22.04 LTS (Jammy Jellyfish). Different operating systems and versions may have slightly different default settings, security patches, or feature availability. Check the compatibility section above for other OS versions.

Can I use this configuration file for OpenSSH troubleshooting?

Yes, this original configuration is excellent for troubleshooting. Compare it with your current settings to identify modifications that might be causing issues, or temporarily replace your config with this one to isolate problems.