How to inspect OpenSSH client configuration

Inspect OpenSSH client configuration to search and display configured hosts.

Sample ~/.ssh/config OpenSSH client configuration.

# OpenSSH SSH client configuration

Host *
  ServerAliveInterval 6
  IdentityAgent /home/milosz/.agent_socket
  ServerAliveCountMax 5

Host 192.0.2.*
  RequestTTY no

Host 192.0.2.15
  RequestTTY yes

Host gitlab
  Port 23
  HostName 192.0.2.134
  User milosz
  IdentityFile ~/.ssh/git

Host jenkins_master
  HostName 10.20.5.2
  Port 22
  User admin

Host jenkins_node_01
  HostName 10.20.5.11
  Port 22
  User node_admin

Host jenkins_node_02
  HostName 10.20.5.12
  Port 22
  User node_admin

AWK script used to display OpenSSH client configuration or to search using QUERY variable.

Beware, I will ignore Match entries.
$ awk -v QUERY="" -v RS="(Host|Match) [A-Za-z0-9_.* -]+" \
'{
  if (length(host)> 0) {
    split($0,record,"\n");
    for (line in record) 
      if(length(record[line])>0 && record[line] !~ /^#/ && host_line !~ /^Match/) {
        gsub(/^[\ \t]+/,"",record[line]);
        gsub(/[\ \t]+$/,"",record[line]);   

        directive=substr(record[line],1,index(record[line]," ")); 
        value=substr(record[line],index(record[line]," ")); 

        gsub(/^[\ \t]+/,"",value);   
        gsub(/[\ \t]+$/,"",directive); 
          
        if (length(directive)>0 && length(value)>0) records[host][directive]=value;
     }
  }
  host_line=RT
  host=substr(host_line, index(host_line," ")+1)
}  

END {
  PROCINFO["sorted_in"] = "@ind_str_asc"
  if(length(QUERY)>0) {
    for (host in records) {
      found=0
      for(directive in records[host]) {
        if((directive ~ "HostName" && records[host][directive] ~ QUERY) && records[host][directive] !~ /*/) {
          print "\033[34m" host "\033[0m" " -> " records[host][directive]
          found=1
        } 
      }   
      if(host ~ QUERY && host !~ /*/ && found==0) {
        if(records[host]["HostName"]) {
          print "\033[34m" host "\033[0m" " -> " records[host]["HostName"]
        } else {
          print "\033[34m" host "\033[0m"
        }        
      }          
    }  
  } else {
    for (host in records) { 
      printf "\n\033[34m%30s\033[0m\n",host;
      for (directive in records[host])
        printf "%30s = %-40s\n",directive,records[host][directive]
    }   
  }
}' ~/.ssh/config

Omit QUERY variable to display OpenSSH client configuration.

                             *
                 IdentityAgent = /home/milosz/.agent_socket              
           ServerAliveCountMax = 5                                       
           ServerAliveInterval = 6                                       

                     192.0.2.*
                    RequestTTY = no                                      

                    192.0.2.15
                    RequestTTY = yes                                     

                        gitlab
                      HostName = 192.0.2.134                             
                  IdentityFile = ~/.ssh/git                              
                          Port = 23                                      
                          User = milosz                                  

                jenkins_master
                      HostName = 10.20.5.2                               
                          Port = 22                                      
                          User = admin                                   

               jenkins_node_01
                      HostName = 10.20.5.11                              
                          Port = 22                                      
                          User = node_admin                              

               jenkins_node_02
                      HostName = 10.20.5.12                              
                          Port = 22                                      
                          User = node_admin

Define QUERY="jenkins" to search for specific hosts.

jenkins_master -> 10.20.5.2
jenkins_node_01 -> 10.20.5.11
jenkins_node_02 -> 10.20.5.12

Define QUERY="10.20.5" to search for specific hosts or IP addresses.

jenkins_master -> 10.20.5.2
jenkins_node_01 -> 10.20.5.11
jenkins_node_02 -> 10.20.5.12

Define QUERY="192.0.2.134" to search for specific hosts or IP address.

gitlab -> 192.0.2.134

Define QUERY="192.0.2." to search for specific hosts or IP addresses.

192.0.2.15
gitlab -> 192.0.2.134

Use ssh client to inspect configuration for specific host.

$ ssh -F ~/.ssh/config -G gitlab
user milosz
hostname 192.0.2.134
port 22
addressfamily any
batchmode no
canonicalizefallbacklocal yes
canonicalizehostname false
challengeresponseauthentication yes
checkhostip yes
compression no
controlmaster false
enablesshkeysign no
clearallforwardings no
exitonforwardfailure no
fingerprinthash SHA256
forwardagent no
forwardx11 no
forwardx11trusted yes
gatewayports no
gssapiauthentication yes
gssapidelegatecredentials no
hashknownhosts yes
hostbasedauthentication no
identitiesonly no
kbdinteractiveauthentication yes
nohostauthenticationforlocalhost no
passwordauthentication yes
permitlocalcommand no
proxyusefdpass no
pubkeyauthentication yes
requesttty auto
streamlocalbindunlink no
stricthostkeychecking ask
tcpkeepalive yes
tunnel false
useprivilegedport no
verifyhostkeydns false
visualhostkey no
updatehostkeys false
canonicalizemaxdots 1
connectionattempts 1
forwardx11timeout 1200
numberofpasswordprompts 3
serveralivecountmax 5
serveraliveinterval 6
ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
hostkeyalgorithms [email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostbasedkeytypes [email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
identityagent /home/milosz/.agent_socket
kexalgorithms curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
loglevel INFO
macs [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
pubkeyacceptedkeytypes [email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
xauthlocation /usr/bin/xauth
identityfile ~/.ssh/id_rsa
identityfile ~/.ssh/id_dsa
identityfile ~/.ssh/id_ecdsa
identityfile ~/.ssh/id_ed25519
canonicaldomains
globalknownhostsfile /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2
userknownhostsfile ~/.ssh/known_hosts ~/.ssh/known_hosts2
sendenv LANG
sendenv LC_*
connecttimeout none
tunneldevice any:any
controlpersist no
escapechar ~
ipqos lowdelay throughput
rekeylimit 0 0
streamlocalbindmask 0177