SSH Config Editor

SSH Config Summary

Grouped: {{ groupingType }}

Groups {{ groupedHosts.length }} Known keys {{ knownKeys.length }} Wildcards {{ hosts.filter(h => String(h.hostPattern||'').includes('*')).length }} {{ lintResults.length }} warning(s)

SSH config file:

Paste config (or drop file):

Group hosts by:

Sort hosts alphabetically

Sort keys within each host

Normalize key case

De‑duplicate repeated keys

Preserve non‑Host lines

Include header comment

Header text

Match tester:

{{ matchCount }} match(es)

Host pattern

Host configurations

No key/value pairs yet. Click “Add line”.

Host	Domain	Keys	Wildcard	Copy
{{ r.host }}	{{ r.domain \|\| '—' }}	{{ r.keyCount }}	{{ r.wild ? 'Yes' : 'No' }}
No rows

{{ reconstructed }}

Host	Issue
{{ w.host }}	{{ w.issue }}
No issues found.

No hosts loaded yet. Select a SSH config file above, or paste text, to begin.

Note: This tool cannot directly save to ~/.ssh/config. Download and replace it manually when done.

Tags: Devtools , Editor , SSH , Sysadmin

Export to PDF Fullscreen

Embed:

Secure Shell client configuration files are readable maps from host names to connection settings and shortcuts. They help teams keep many destinations consistent and reduce connection mistakes during daily work.

You provide a configuration as plain text or select a local file and the entries are parsed into host blocks that can be reviewed and edited. The result is a tidy configuration you can download and replace on your system when you are satisfied.

A small change such as adding a user name or a port for a host can remove a repetitive command and improve reliability across sessions. Patterns are accepted in host names, so a single block can cover several related machines when appropriate.

Be mindful that a configuration that looks valid does not prove that a server exists or that credentials work, so test a connection before relying on it for important tasks. Consistent naming and a short note in comments can also make future edits faster.

Technical Details:

The underlying object is the Secure Shell (SSH) client configuration. The parser treats the text as a sequence of host sections and key–value directives. It observes comments and quoting so that values can include spaces and hash characters when quoted.

From those quantities it constructs an internal list of hosts, each with a Host pattern and an ordered set of directives. A reconstruction step emits a normalized configuration with a consistent directive order per host, which improves readability and diff friendliness.

Results are grouped conceptually by either wildcard use or by domain suffix when requested. Grouping affects presentation only. It does not modify keys or host patterns, which keeps the emitted configuration faithful to the parsed content.

Comparisons across runs are meaningful when the same input text is used. Non‑host global directives are ignored by the parser, and any Match blocks are skipped entirely, so interpretation should focus on Host blocks only.

Processing pipeline

Read text from a local file selection or a paste box.
Split into lines and skip empty lines and full‑line comments.
Ignore lines beginning with Include.
End the current host when a line begins with Match.
Start a new host when a line begins with Host.
Within a host, parse directives as key and value pairs.
Strip trailing inline comments occurring outside quotes.
Preserve unknown directive names as custom keys.
Optionally group hosts for viewing by wildcard or domain.
Reconstruct a configuration with a canonical directive order.

Worked example

# team gateways
Host web-1
    User ubuntu
    Port 22
    IdentityFile "~/.ssh/id_ed25519"

Host db*
    HostName db.internal
    ProxyJump web-1

Parsing yields two hosts: web-1 with three directives, and db* with two directives. Reconstruction keeps both hosts and emits keys in a consistent order, which makes future edits and reviews easier.

Validation & bounds extracted from the code

Parsing rules and patterns
Field	Type	Min	Max	Step/Pattern	Error Text	Placeholder
Host line	regex	—	—	`^\sHost\s+(.)\s*$`	—	e.g., `Host app*`
Directive line	regex	—	—	`^\s([A-Za-z][A-Za-z0-9_\-])\s+(.?)\s$`	—	e.g., `User ubuntu`
Inline comment strip	quoted scan	—	—	Stops at `#` outside quotes	—	—
Include lines	ignored	—	—	`^\s*Include\s+`	—	—
Match blocks	ignored	—	—	`^\s*Match\s+`	—	—

Parameters

Runtime parameters
Parameter	Meaning	Unit/Datatype	Typical Range	Sensitivity	Notes
`groupingType`	Controls host grouping for display.	string	`none`, `wildcard`, `domain`	low	Does not affect reconstruction.

I/O formats

Inputs and outputs
Input	Accepted Families	Output	Encoding/Precision	Rounding
Text file or pasted text	`.txt`, `.conf`, any text	Downloaded file named `config`	UTF‑8 text	—

Networking & storage

All parsing and reconstruction happen on your device.
Selected files are read locally with a file reader API.
The download uses a temporary object URL and is then revoked.

Performance & determinism

Linear time over lines for parsing and for reconstruction.
Given identical input, the emitted host blocks are deterministic.
Directive order follows a fixed canonical list before name sorting.

Security considerations

Do not paste secrets you do not control in shared environments.
Sanitize custom keys and values copied from untrusted sources.
A readable configuration reduces risky ad‑hoc command reuse.

Assumptions & limitations

Heads‑up Match blocks are not parsed or emitted.
Heads‑up Include directives are ignored.
Lines outside any Host block are skipped.
A Host line with multiple patterns is stored as one pattern string.
Advanced toggles shown in the panel are not applied by the engine.
Grouping affects display only, not the downloaded file.
Unknown directives are kept as custom and are not validated.
Comment text inside quotes is preserved as value content.

Edge cases & error sources

Unbalanced quotes prevent proper inline comment stripping.
Escaped quotes are respected only when preceded by a backslash.
Tabs are treated as whitespace and may affect alignment.
Windows line endings are supported but can mask trailing spaces.
Duplicate directives are preserved and may cause ambiguity downstream.
Empty directive values are emitted as empty strings.
Keys beginning with nonletters are ignored by the parser.
Trailing spaces in keys are trimmed when reconstructing.
Host patterns containing spaces are not split into multiple entries.
Very large files may be limited by device memory.

Privacy & compliance

Files are processed locally; nothing is uploaded. No data is transmitted or stored server‑side.

How‑to · Step‑by‑Step Guide

Secure Shell configuration organization with an editable output file.

Select a config file or paste text.
Review detected hosts and expand one to inspect directives.
Edit keys and values as needed for each host.
Use grouping to scan wildcards or domain suffixes quickly.
Click download to save the reconstructed configuration.
Replace your local file and test a connection.

Note The app cannot write directly to ~/.ssh/config; replace the file yourself after download.

Example: Change User to deploy for app*, download, and confirm that ssh app-1 uses the new user without extra flags.

Keep host aliases short and memorable.
Prefer one purpose per host block to avoid conflicts.
Quote values that include spaces or hash characters.

FAQ

Is my data stored?

No. Files are read locally and the resulting text is downloaded to your device only.

Does it handle wildcards?

Yes. Host patterns containing the asterisk are parsed and shown; grouping by wildcard is for review only.

Are non‑host directives supported?

Global directives outside any host block are skipped, and Match sections are not processed.

Can I preview JSON?

A JSON view appears in the layout, but the current engine does not populate it.

How accurate is the reconstruction?

Host blocks and directives are preserved. Keys are ordered by a fixed list, then by name to improve consistency.

How do I group hosts by domain?

Choose domain grouping to cluster hosts by the last dot suffix; this changes display only, not the output file.

Does it work without a network?

Yes. All logic runs on your device after you select or paste text.

What does a “borderline” result mean?

Not applicable here. Configuration lines either parse into hosts and directives or they are ignored.

Troubleshooting

No hosts appear — ensure the text contains Host lines.
Strange values — check for unbalanced quotes around values.
Unexpected comment removal — move the # inside quotes if it is part of the value.
Download missing — verify the browser allowed a file download.
Keys out of order — this is expected; a canonical order is enforced.
Non‑host lines lost — move them into host blocks before parsing.

If the downloaded file is empty, confirm that at least one host pattern is present.

Glossary

Secure Shell (SSH): Protocol for encrypted remote login and command execution.
Host pattern: Name or wildcard that selects target hosts for a block.
Directive: A key and value pair such as User ubuntu.
Wildcard: An asterisk that lets one block match several names.
Inline comment: Text after # outside quotes that is ignored.
Reconstruction: Emission of a clean configuration from parsed content.