shell/env: export MTR_OPTIONS

[config/dotfiles.git] / ssh_config

diff --git a/ssh_config b/ssh_config
index 2d272842ada17db8c158c4eaa86c115b9b2e6c85..b9935085a2abc386f2e2f9cf60a17facb1569d3a 100644 (file)
--- a/ssh_config
+++ b/ssh_config
@@ -26,6 +26,18 @@
 #     ServerAliveInterval 5
 
 
+# Options are parsed top-to-bottom, the first matching option is used. Later
+# assignments to the same option are ignored, thanks to anonJD in #openssh on
+# Freenode (2011-05-18 21:40 CEST) for letting me know. Therefore put all
+# affected host specific rules here, before the global rules.
+#
+# For example to change the MACs option for a specific host, use:
+#
+# Host host
+#     # Old SSH daemon which needs SHA1 (SHA-512 in case it gets updated).
+#     MACs hmac-sha2-512,hmac-sha1
+
+
 # Rules for all hosts.
 Host *
 
@@ -104,10 +116,10 @@ Host *
 # prevents stale master connections.
     ControlPersist 10
 
-# Hash hosts in ~/.ssh/known_hosts to try to conceal the known hosts. Doesn't
-# help if the ssh hosts are stored in the shell's history file or in this file
-# as shortcut.
-    HashKnownHosts yes
+# Don't hash any hosts in ~/.ssh/known_hosts. It doesn't help if the ssh hosts
+# are stored in the shell's history file or in this file as shortcut so it's
+# rather useless (default).
+    HashKnownHosts no
 
 # Don't permit running local commands (default).
     PermitLocalCommand no
@@ -120,3 +132,5 @@ Host *
     CheckHostIP yes
 # Ask before adding any host keys to ~/.ssh/known_hosts (default).
     StrictHostKeyChecking ask
+# Don't trust host keys from DNS' SSHFP resource records (default).
+    VerifyHostKeyDNS no