blob: b19eca4b063cb3ada4cff15ea43de0f4d2e01255 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
# vim:syntax=sshconfig:ts=4
# in case of no ssh-agent:
#IdentityFile ~/.ssh/id_ed25519
#IdentityFile ~/.ssh/id_rsa
# ...place that inside an extra .conf file.
SendEnv LANG LC_* MUTTEXEC
HashKnownHosts yes
ForwardAgent yes
ControlMaster auto
ControlPath /run/user/%i/ssh/cm-%r@%h:%p
# ControlMaster: to use SSH multiplexing with ProxyCommand (e.g. to reach host b through host a)
# Host b
# Hostname b.example.com
# ProxyCommand ssh a.example.com -W %h:%p
# # controlpath, controlmaster are the same as above
#
# For older SSH daemons: RSA SHA-1 is being quickly deprecated across OSes for various security
# vulnerabilities. If you need to re-enable that (e.g. for hardware like network devices which are
# often prone to vulnerabilities due to slow upgrading), you can re-enable this and you SHOULD do
# this ONLY for specific hosts. (Yes, this ofc also affects clients - which it did on an Arch Linux here.)
# Also see https://www.openssh.com/txt/release-8.2
# If you have a proper naming convention for your devices, you can still easily wildcard this. If you
# don't, you either don't have many devices or you moronically did not think device names through. ;-)
# Host sophos* *-mik-*
# PubkeyAcceptedKeyTypes +ssh-rsa
|
