<languages/> 

''Parent page: [[SSH]]''

On Linux and macOS, you can modify your local SSH configuration file to change the default behaviour of <code>ssh</code> and simplify the login procedure. For example, if you want to log into <code>narval.alliancecan.ca</code> as <code>username</code> using an [[Using SSH keys in Linux|SSH key]], you may need to use the following command:
{{Command|prompt=[name@yourLaptop ~]|ssh -i ~/.ssh/your_private_key username@narval.alliancecan.ca}}
To avoid having to type this command each time you want to connect to Narval, add the following to <code>~/.ssh/config</code> on your local machine:
  Host narval
    User username
    HostName narval.alliancecan.ca
    IdentityFile ~/.ssh/your_private_key

You can now log into Narval by typing
{{Command|prompt=[name@yourLaptop ~]|ssh narval}}
This also changes the behaviour of <code>sftp</code>, <code>scp</code>, and <code>rsync</code> and you can now [[Transferring data | transfer files]] by typing for example
{{Command|prompt=[name@yourLaptop ~]|scp local_file narval:work/}}
If you frequently log into different clusters, modify the above <code>Host</code> block as follows instead of adding individual entries for each cluster separately:
  Host narval beluga graham cedar
    [...]
    HostName %h.alliancecan.ca
    [...]
Note that you need to install your public [[SSH Keys | SSH key]] on each cluster separately or use [[SSH Keys#Using CCDB|CCDB]].

Note that other options of the <code>ssh</code> commands have corresponding parameters that you can put in your <code>~/.ssh/config</code> file on your machine. In particular, the command line options
* <code>-X</code> (X11 forwarding)
* <code>-Y</code> (trusted X11 forwarding)
* <code>-A</code> (agent forwarding)
can be set through your configuration file by adding lines with 
* <code>ForwardX11 yes</code>
* <code>ForwardX11Trusted yes</code>
* <code>ForwardAgent yes</code>
in the corresponding sections of your configuration file. However, we do not recommend doing so in general, for these reasons: 
* Enabling X11 forwarding by default for all of your connections can slow down your sessions, especially if your X11 client on your computer is misconfigured. 
* Enabling trusted X11 forwarding comes with a risk. Should the server to which you are connecting to be compromised, a privileged user (<code>root</code>) could intercept keyboard activity on your local computer. Use trusted X11 forwarding <i>only when you need it</i>.
* Similarly, while forwarding your SSH agent is convenient and more secure than typing a password on a remote computer, it also comes with a risk. Should the server to which you are connecting to be compromised, a privileged user (<code>root</code>) could use your agent and connect to another host without your knowledge. Use agent forwarding <i>only when you need it</i>. We also recommend that, if you use this feature, you should combine it with <code>ssh-askpass</code> so that any use of your SSH agent triggers a prompt on your computer, preventing usage of your agent without your knowledge. 

[[Category:Connecting]]