The Problem with Raw SSH Commands
You probably know someone whose shell history looks like: ssh -i ~/.ssh/work_rsa -p 2222 -L 5432:localhost:5432 admin@203.0.113.45. That’s a lot of mental overhead every time you need to connect.
The ~/.ssh/config file is the solution. It’s a plain-text file that OpenSSH reads before every connection, letting you define all of those flags once and refer to the host by a short alias.
Basic Structure
A config entry looks like this:
Host prod-db HostName 203.0.113.45 User admin Port 2222 IdentityFile ~/.ssh/work_rsa LocalForward 5432 localhost:5432
After adding this, ssh prod-db is all you type. Tab completion works too.
The Host keyword can also be a wildcard. Host * at the bottom of the file is a common pattern for global defaults — things like ServerAliveInterval 60 to keep connections alive through NAT.
Per-Host Identity Files
One of the most useful features is specifying different keys per host or per hostname pattern. If your work uses one GitHub organization and personal projects another, you can route them to different keys automatically:
Host github-work HostName github.com User git IdentityFile ~/.ssh/work_ed25519 Host github-personal HostName github.com User git IdentityFile ~/.ssh/personal_ed25519
Then clone work repos with git@github-work:org/repo.git and personal ones with git@github-personal:you/repo.git.
Managing Config with SSHVault
Editing config by hand works fine until you have 15+ hosts and start losing track of what’s where. SSHVault parses your existing config file and presents every host entry in a searchable list — HostName, User, Port, IdentityFile, and all other directives side by side.
Edits made in SSHVault write directly back to ~/.ssh/config in standard OpenSSH format. There’s no proprietary database, no sync service — just your config file, kept tidy.