diff --git a/docs/03-compute-resources.md b/docs/03-compute-resources.md
index fde4b4c..43a2335 100644
--- a/docs/03-compute-resources.md
+++ b/docs/03-compute-resources.md
@@ -53,7 +53,7 @@ az network nsg rule create \
   --protocol Tcp \
   --direction Inbound \
   --priority 100 \
-  --source-address-prefix Any \
+  --source-address-prefix "*" \
   --source-port-range "*" \
   --destination-port-ranges 22 6443
 ```
@@ -303,11 +303,25 @@ worker-2      kubernetes-the-hard-way  westus2
 
 SSH will be used to configure the controller and worker instances. When building the compute instances, if you don't currently have an SSH keypair, one will be generated for you and stored in  your ~/.ssh directory
 
-Test SSH access to the `controller-0` compute instances using the VMs public IP address (this can be found by list your VMs with the CLI, or by looking at the VM in the Azure portal):
+Let's build an SSH config file to easily be able to SSH to all our controller and worker nodes throughout the lab:
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+for instance in controller-0 controller-1 controller-2 worker-0 worker-1 worker-2; do
+  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
+  cat <<EOF | tee -a ~/.ssh/config
+  Host ${instance}
+  User azureuser
+  HostName ${EXTERNAL_IP}
+  IdentityFile ~/.ssh/id_rsa
+  ServerAliveInterval 120
+  EOF
+done
+```
+
+Test SSH access to the `controller-0` compute instances:
+
+```
+ssh controller-0
 ```
 
 ```
diff --git a/docs/04-certificate-authority.md b/docs/04-certificate-authority.md
index 045aad2..43cf564 100644
--- a/docs/04-certificate-authority.md
+++ b/docs/04-certificate-authority.md
@@ -364,8 +364,7 @@ Copy the appropriate certificates and private keys to each worker instance:
 
 ```
 for instance in worker-0 worker-1 worker-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ca.pem ${instance}-key.pem ${instance}.pem azureuser@${EXTERNAL_IP}:~/
+  scp ca.pem ${instance}-key.pem ${instance}.pem ${instance}:~/
 done
 ```
 
@@ -373,8 +372,7 @@ Copy the appropriate certificates and private keys to each controller instance:
 
 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem service-account-key.pem service-account.pem azureuser@${EXTERNAL_IP}:~/
+  scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem service-account-key.pem service-account.pem ${instance}:~/
 done
 ```
 
diff --git a/docs/05-kubernetes-configuration-files.md b/docs/05-kubernetes-configuration-files.md
index 8d91529..ef04b06 100644
--- a/docs/05-kubernetes-configuration-files.md
+++ b/docs/05-kubernetes-configuration-files.md
@@ -187,8 +187,7 @@ Copy the appropriate `kubelet` and `kube-proxy` kubeconfig files to each worker
 
 ```
 for instance in worker-0 worker-1 worker-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ${instance}.kubeconfig kube-proxy.kubeconfig azureuser@${EXTERNAL_IP}:~/
+  scp ${instance}.kubeconfig kube-proxy.kubeconfig ${instance}:~/
 done
 ```
 
@@ -196,8 +195,7 @@ Copy the appropriate `kube-controller-manager` and `kube-scheduler` kubeconfig f
 
 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp admin.kubeconfig kube-controller-manager.kubeconfig kube-scheduler.kubeconfig azureuser@${EXTERNAL_IP}:~/
+  scp admin.kubeconfig kube-controller-manager.kubeconfig kube-scheduler.kubeconfig ${instance}:~/
 done
 ```
 
diff --git a/docs/06-data-encryption-keys.md b/docs/06-data-encryption-keys.md
index ac13826..8b59ce6 100644
--- a/docs/06-data-encryption-keys.md
+++ b/docs/06-data-encryption-keys.md
@@ -36,8 +36,7 @@ Copy the `encryption-config.yaml` encryption config file to each controller inst
 
 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp encryption-config.yaml azureuser@${EXTERNAL_IP}:~/
+  scp encryption-config.yaml ${instance}:~/
 done
 ```
 
diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md
index da0e5c7..277d5e8 100644
--- a/docs/07-bootstrapping-etcd.md
+++ b/docs/07-bootstrapping-etcd.md
@@ -7,8 +7,7 @@ Kubernetes components are stateless and store cluster state in [etcd](https://gi
 The commands in this lab must be run on each controller instance: `controller-0`, `controller-1`, and `controller-2`. Login to each controller instance using `ssh`. Example:
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```
 
 ### Running commands in parallel with tmux
diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md
index 16063e7..6be2ce7 100644
--- a/docs/08-bootstrapping-kubernetes-controllers.md
+++ b/docs/08-bootstrapping-kubernetes-controllers.md
@@ -7,8 +7,7 @@ In this lab you will bootstrap the Kubernetes control plane across three compute
 The commands in this lab must be run on each controller instance: `controller-0`, `controller-1`, and `controller-2`. Login to each controller instance using `ssh`. Example:
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```
 
 ### Running commands in parallel with tmux
@@ -284,8 +283,7 @@ In this section you will configure RBAC permissions to allow the Kubernetes API
 > This tutorial sets the Kubelet `--authorization-mode` flag to `Webhook`. Webhook mode uses the [SubjectAccessReview](https://kubernetes.io/docs/admin/authorization/#checking-api-access) API to determine authorization.
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```
 
 Create the `system:kube-apiserver-to-kubelet` [ClusterRole](https://kubernetes.io/docs/admin/authorization/rbac/#role-and-clusterrole) with permissions to access the Kubelet API and perform most common tasks associated with managing pods:
diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md
index 5f1eb3c..ad9da62 100644
--- a/docs/09-bootstrapping-kubernetes-workers.md
+++ b/docs/09-bootstrapping-kubernetes-workers.md
@@ -4,11 +4,10 @@ In this lab you will bootstrap three Kubernetes worker nodes. The following comp
 
 ## Prerequisites
 
-The commands in this lab must be run on each worker instance: `worker-0`, `worker-1`, and `worker-2`. Login to each worker instance using the `gcloud` command. Example:
+The commands in this lab must be run on each worker instance: `worker-0`, `worker-1`, and `worker-2`. Login to each worker instance using `ssh`. Example:
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n worker-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh worker-0
 ```
 
 ### Running commands in parallel with tmux
@@ -288,8 +287,7 @@ EOF
 List the registered Kubernetes nodes:
 
 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```
 ```
 kubectl get nodes --kubeconfig admin.kubeconfig