#======================================================================= # Global #======================================================================= include ~/.ssh/conf.d/nsas.conf include ~/.ssh/conf.d/hetzner.conf include ~/.ssh/conf.d/hollandpark.conf include ~/.ssh/conf.d/swissbit.conf include ~/.ssh/conf.d/other.conf #======================================================================= # Global #======================================================================= Host * LogLevel QUIET ControlMaster auto ControlPath ~/.ssh/sockets/%r@%h:%p # automatically add ssh keys to running ssh agent (mkdir -p ~/.ssh/sockets) ControlPersist yes # keep connections open indefinitely, even after logging out ForwardAgent yes # ssh -A host # on the command line VerifyHostKeyDNS no # Specifies whether to verify the remote key using DNS and SSHFP AddKeysToAgent yes TCPKeepAlive yes Compression yes StrictHostKeyChecking no VersionAddendum none UpdateHostKeys yes # IdentitiesOnly yes PreferredAuthentications publickey,password # HostKeyAlgorithms +ssh-rsa # PubkeyAcceptedKeyTypes +ssh-rsa # Ensure KnownHosts are unreadable if leaked - it is otherwise easier to know which hosts your keys have access to. HashKnownHosts yes # Host keys the client accepts - order here is honored by OpenSSH HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr