1 files changed, 48 insertions, 0 deletions

diff --git a/home/programs/security/ssh.nix b/home/programs/security/ssh.nix
new file mode 100644
index 0000000..004b082
--- /dev/null
+++ b/home/programs/security/ssh.nix
@@ -0,0 +1,48 @@
+{ config, ... }:
+{
+  programs.ssh = {
+    enable = true;
+    enableDefaultConfig = false;
+    matchBlocks = {
+      "*" = {
+        forwardAgent = true;
+        serverAliveInterval = 60;
+        controlPersist = "30m";
+        controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p";
+        controlMaster = "auto";
+      };
+      "rivendell" = {
+        hostname = "192.168.1.114";
+      };
+      "riv-unlock" = {
+        hostname = "192.168.1.114";
+        user = "root";
+        port = 911;
+      };
+      "nas" = {
+        hostname = "192.168.1.68";
+      };
+      "bree" = {
+        hostname = "192.168.1.50";
+      };
+      "argonath" = {
+        hostname = "fcuny.net";
+      };
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        forwardAgent = false;
+        extraOptions = {
+          preferredAuthentications = "publickey";
+          controlMaster = "no";
+          controlPath = "none";
+        };
+      };
+    };
+  };
+
+  home.file = {
+    # we need this path to be created so that the control path can be used.
+    ".ssh/sockets/.keep".text = "# Managed by Home Manager";
+  };
+}