The .ssh/config file is the central user-specific file where most customization ca go into. For example, it can specify which username ssh should use for which connection or which private key should be used to connect to a specific service.

Unfortunately, given how much complexity can be offloaded into this file, set-up may not be straight-forward and this single FAQ page will never be enough to describe anything in detail. In question, please use man ssh_config as you initial reference.

Base Atlas’ specific set-up

Put this set of lines into ~/.ssh/config to tell ssh to use the specified username and private key to log into Atlas.

Host *.atlas.aei.uni-hannover.de
  IdentitiesOnly yes
  IdentityFile ~/.ssh/id_ed25519-atlas
  user USER

(please exchange USER on the last line with your Atlas user name given to you at account creation).

Gitlab set-up

For our gitlab instance gitlab.aei.uni-hannover.de, the appropriate lines for using your dedicated key ~/.ssh/id_ed25519-aei-gitlab would be

Host gitlab.aei.uni-hannover.de
  IdentitiesOnly yes
  IdentityFile ~/.ssh/id_ed25519-aei-gitlab
  user git

(this will only work, if you uploaded the public key to this private one via the web interface beforehand)

Notable other options

There are a number of options you may or may not want to set. If you required a remote graphical window via the “X” interface, you may need to specify ForwardX11 yes and maybe even ForwardX11Trusted yes in your ~/.ssh/config (please see word of caution section below).

Also, if you want to re-use you public key within Atlas to hop from one host to another internally, you may want to forward the ssh agent connection by specifying ForwardAgent yes in ~/.ssh/config.

Word of caution: Enabling any of the forwarding features, will create a direct 2-way connection between your local machine and the machine you are logged into. Anyone with root privileges on the remote machine could in principle access your local machine via these channels, i.e. your local X-server or the ssh agent.

Obviously, we do not do that, but you may need to weigh the (small) risk against the convenience offered here!