]> ruderich.org/simon Gitweb - config/dotfiles.git/blobdiff - ssh_config
ruderich.org/simon / config / dotfiles.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sshd_config: Add.
[config/dotfiles.git] / ssh_config
diff --git a/ssh_config b/ssh_config
index 78662eef8a37488500a912139ed69dad9840e6cd..be03a42673df4647a24d8e075112a01054a201bc 100644 (file)
--- a/ssh_config
+++ b/ssh_config
@@ -39,14 +39,22 @@ Host *
 # to local X11!
     ForwardX11Trusted no
 
+# Abort if not all requested port forwardings can be set up.
+    ExitOnForwardFailure yes
+
 # Allow using -M (ControlMaster) to create a master SSH session which
 # "tunnels" other connections to the same host, thus reducing the number of
 # authentications (which are relatively slow) and TCP connections. The master
 # sockets are stored in ~/.ssh (by default ControlPath is not set).
     ControlPath ~/.ssh/master-%l-%h-%p-%r
 
-# Abort if not all requested port forwardings can be set up.
-    ExitOnForwardFailure yes
+# Hash hosts in ~/.ssh/known_hosts to try to conceal the known hosts. Doesn't
+# help if the ssh hosts are stored in the shell's history file or in this file
+# as shortcut.
+    HashKnownHosts yes
+
+# Don't permit running local commands.
+    PermitLocalCommand no
 
 # Don't send any environment variables.
     SendEnv
Configuration files for zsh, vim, git, mutt, herbstluftwm and a few more shell and X11 related programs