zsh/rc: fix `reset` with zsh-internal colored stderr hack

[config/dotfiles.git] / ssh_config

diff --git a/ssh_config b/ssh_config
index 188d9251e1353457443db676fc5200052d83ee5c..09995ab12a8871146ec6a30d4c4586b9b4647b20 100644 (file)
--- a/ssh_config
+++ b/ssh_config
@@ -66,7 +66,7 @@ Host *
 # [1]: http://cseweb.ucsd.edu/~mihir/papers/oem.html
     MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
 # Disable DSA host keys because they are weak (only 1024 bit) and elliptic
-# curves. I don't need certificates, therefore disables those algorithms as
+# curves. I don't need certificates, therefore disable those algorithms as
 # well (*-cert-*).
     HostKeyAlgorithms ssh-rsa
 
@@ -102,7 +102,7 @@ Host *
 # sockets are stored in ~/.ssh (by default ControlPath is not set). Using %r
 # (remote user name) might leak information to other users on the current
 # system (e.g. via netstat or lsof).
-    ControlPath ~/.ssh/master-%l-%h-%p-%r
+    ControlPath ~/.ssh/master/%l-%h-%p-%r
 # Automatically create a new master session if there's none yet or use an
 # existing one. This way the user doesn't have to use -M to enable a master
 # manually. Don't set this option to "yes" or all SSH commands try to become
@@ -132,5 +132,6 @@ Host *
     CheckHostIP yes
 # Ask before adding any host keys to ~/.ssh/known_hosts (default).
     StrictHostKeyChecking ask
-# Don't trust host keys from DNS' SSHFP resource records (default).
-    VerifyHostKeyDNS no
+# Check host keys from DNS' SSHFP resource records but ask apply
+# StrictHostKeyChecking before trusting them.
+    VerifyHostKeyDNS ask