]> git.madduck.net Git - etc/ssh.git/blobdiff - .ssh/config.in

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

disable X11 forwarding by default
[etc/ssh.git] / .ssh / config.in
index 6ef1e736bcded440992b629d1f236faa40315b73..537b3bfe9938616ed16b210f333e4afdf3d132b9 100644 (file)
 Host 127.0.0.1 | localhost
-  ForwardAgent yes
   ForwardX11 yes
   ForwardX11Trusted yes
   NoHostAuthenticationForLocalhost yes
 
-Host pulse.madduck.net | pulse
-  ForwardAgent yes
-  Hostname pulse.madduck.net
-  #AddressFamily inet
-Host svn.madduck.net | svn
-  User madduck
-  HostKeyAlias pulse.madduck.net
-Host debian.madduck.net | debian
-  User madduck
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
-Host openvpn.madduck.net | openvpn
-  User madduck
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
-Host backup.madduck.net | backup
-  HostKeyAlias pulse.madduck.net
-  #AddressFamily inet
+### CHARADE KVM HOST
 
-Host khyber.madduck.net | khyber
-  ForwardAgent yes
-  Hostname khyber.madduck.net
-Host khyber-vnc
+Host charade.madduck.net | charade
+  Hostname charade.madduck.net
+Host charade-vnc
   ControlMaster no
   ControlPath none
-  Hostname khyber.madduck.net
+  Hostname charade.madduck.net
 
-Host wots.madduck.net | wots
-  ForwardAgent yes
-  Hostname wots.madduck.net
-Host buildd.debian.madduck.net | buildd
-  HostKeyAlias wots.madduck.net
+Host emily.madduck.net | emily
+  Hostname emily.madduck.net
 
-Host lotus.madduck.net | lotus
-  ForwardAgent yes
-  Hostname lotus.madduck.net
-Host git.madduck.net | git
+Host matilda.madduck.net | matilda
+  Hostname matilda.madduck.net
+Host irc-host.madduck.net | irc-host
+  User madduck
+  HostKeyAlias matilda.madduck.net
+  Hostname matilda.madduck.net
+  ConnectTimeout 60
+
+Host vizier.madduck.net | vizier
+  Hostname vizier.madduck.net
+Host admin.madduck.net | admin
+  Hostname admin.madduck.net
+  HostKeyAlias vizier.madduck.net
   User git
-  HostKeyAlias lotus.madduck.net
-Host git.debian.ch
+
+Host ambassador.madduck.net | ambassador
+  Hostname ambassador.madduck.net
+
+Host alan.madduck.net | alan
+  Hostname alan.madduck.net
+Host git.madduck.net | git
   User git
-  HostKeyAlias lotus.madduck.net
+  HostKeyAlias alan.madduck.net
 
-Host sysyphus.madduck.net | sysyphus
-  ForwardAgent yes
-  Hostname sysyphus.madduck.net
-Host ssh443.madduck.net | ssh443
-  User madduck
-  HostKeyAlias sysyphus.madduck.net
-  ForwardAgent yes
-  Port 443
+Host swan.madduck.net | swan
+  Hostname swan.madduck.net
 
-Host jugband.madduck.net | jugband
-  ForwardAgent yes
-  Hostname jugband.madduck.net
+Host pulse.madduck.net | pulse
+  Hostname pulse.madduck.net
 
 Host vera.madduck.net | vera
-  ForwardAgent yes
   Hostname vera.madduck.net
 
-Host swan-host | swan-host.madduck.net
-  Hostname swan-host.madduck.net
-  User krafft
+Host seamus.madduck.net | seamus
+  Hostname seamus.madduck.net
 
-Host swan.madduck.net | swan
-  ForwardAgent yes
-  Hostname swan.madduck.net
+Host cymbaline.madduck.net | cymbaline
+  Hostname cymbaline.madduck.net
 
-Host domine.madduck.net | domine
-  ForwardAgent yes
-  Hostname domine.madduck.net
+Host lunatic.madduck.net | lunatic
+  Hostname lunatic.madduck.net
 
-Host irc
-  Hostname vera.madduck.net
-  ConnectTimeout 60
+### UNI ZURICH MACHINES
 
-Host martin-krafft.net
-  User madduck
-  HostKeyAlias seamus.madduck.net
-Host phd.martin-krafft.net
-  User madduck
-  HostKeyAlias seamus.madduck.net
-Host madduck.net
-  User madduck
-  HostKeyAlias seamus.madduck.net
-Host imap.madduck.net
-  HostKeyAlias seamus.madduck.net
+Host gig.madduck.net | gig
+  Hostname gig.madduck.net
+
+Host eugene.madduck.net | eugene
+  Hostname eugene.madduck.net
+Host eugene-luks
+  Hostname eugene.madduck.net
+  User root
 
 Host diamond.madduck.net | diamond
-  ForwardAgent yes
   Hostname diamond.madduck.net
+Host debian.madduck.net | debian
+  HostKeyAlias diamond.madduck.net
+Host scratch.madduck.net | scratch
+  User madduck
+  HostKeyAlias diamond.madduck.net
 Host tunes.madduck.net | tunes
   AddressFamily inet
   ControlMaster no
   Hostname tunes.madduck.net
   HostKeyAlias diamond.madduck.net
+  IPQoS lowdelay af13
 Host flics.madduck.net | flics
   AddressFamily inet
   ControlMaster no
   Hostname flics.madduck.net
   HostKeyAlias diamond.madduck.net
-Host scratch.madduck.net | scratch
-  User madduck
-  HostKeyAlias diamond.madduck.net
+  IPQoS lowdelay af13
 
 Host shelter.madduck.net | shelter
-  ForwardAgent yes
   Hostname shelter.madduck.net
+Host backup.madduck.net | backup
+  HostKeyAlias shelter.madduck.net
 
-Host sheep.umverkehr.ch | sheep | webmail.madduck.net | webmail
-  Hostname sheep.umverkehr.ch
-  User madduck
+### PIPER / BYTEMARK
 
-Host lapse.rw.madduck.net | lapse.oerlikon.madduck.net | lapse
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
+Host piper.madduck.net | piper
+  Hostname piper.madduck.net
 
-Host fishbowl.rw.madduck.net | fishbowl.oerlikon.madduck.net | fishbowl
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
+### CIRRUS / HETZNER
+
+Host cirrus.madduck.net | cirrus
+  Hostname cirrus.madduck.net
 
-Host wall.oerlikon.madduck.net | wall
+### LEHEL
+
+Host clegg.lehel.madduck.net | clegg.lehel | clegg
   CheckHostIP no
-  ForwardAgent yes
-  Hostname wall.oerlikon.madduck.net
+  Hostname clegg.lehel.madduck.net
+
+Host albatross.lehel.madduck.net | albatross.lehel | albatross
+  Hostname albatross.lehel.madduck.net
+  HostKeyAlias albatross.lehel
+Host albatross-luks
+  Hostname albatross.lehel.madduck.net
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+  User root
 
-Host julia.oerlikon.madduck.net | julia
-  Hostname julia.oerlikon.madduck.net
-  ForwardAgent yes
+Host albatross-via-clegg | ralbatross
+  Hostname albatross.lehel.madduck.net
+  ProxyJump clegg.dyndns.madduck.net
+
+Host bike.lehel.madduck.net | bike.lehel | bike
+  Hostname bike.lehel.madduck.net
+  HostKeyAlias bike.lehel
+
+Host visitor*.lehel.madduck.net | visitor*.lehel
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+
+### GAUTING
 
 Host embryo.gauting.madduck.net | embryo
   CheckHostIP no
-  ForwardAgent yes
   Hostname embryo.gauting.madduck.net
   HostKeyAlias embryo.gauting.madduck.net
 
-Host piper.oerlikon.madduck.net | piper
-  Hostname piper.oerlikon.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-Host pipere
-  Hostname wall.oerlikon.madduck.net
-  Port 22223
+Host mother.gauting | mother | mother.gauting.madduck.net
+  Hostname mother.gauting
+Host mothere
+  Hostname embryo.gauting.madduck.net
+  Port 22021
   CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias piper.oerlikon.madduck.net
+  HostKeyAlias mother.gauting.madduck.net
 
-Host albatross.oerlikon.madduck.net | albatross
-  Hostname albatross.oerlikon.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-Host albatrosse
-  Hostname wall.oerlikon.madduck.net
-  Port 22224
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias albatross.oerlikon.madduck.net
+Host visitor*.lehel.madduck.net | visitor*.lehel
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
 
-Host pict.oerlikon.madduck.net | pict
-  Hostname pict.oerlikon.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-#  AddressFamily inet
+### MTVIC
 
-Host nokia-n900.oerlikon.madduck.net | nokia-n900 | n900
-  CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  User user
+Host wall.mtvic.madduck.net | wall.mtvic | wall
+  Hostname wall.mtvic.madduck.net
 
-Host auge-fr.no-ip.org | auge
-  CheckHostIP no
-  Hostname auge-fr.no-ip.org
-  HostKeyAlias helena.home.mjollnir.org
+Host atom.mtvic.madduck.net | atom.mtvic | atom
+  Hostname atom.mtvic.madduck.net
 
-Host mother.gauting.madduck.net | mother
-  Hostname mother.gauting.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-Host mothere
-  Hostname embryo.gauting.madduck.net
-  Port 22221
+Host bell.mtvic.madduck.net | bell.mtvic | bell
+  Hostname bell.mtvic.madduck.net
+
+Host julia.mtvic.madduck.net | julia.mtvic | julia
+  Hostname julia.mtvic.madduck.net
+
+Host julia-via-wall | rjulia
+  Hostname julia.mtvic.madduck.net
+  ProxyJump wall.mtvic.madduck.net
+
+Host jugband.mtvic.madduck.net | jugband.mtvic | jugband
+  Hostname jugband.mtvic.madduck.net
+
+### ROAD WARRIORS
+
+Host fishbowl.*
   CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias mother.gauting.madduck.net
+  HostKeyAlias fishbowl
 
-Host brick.gauting.madduck.net | brick
-  Hostname brick.gauting.madduck.net
-  ForwardAgent yes
-  ForwardX11 yes
-Host bricke
-  Hostname embryo.gauting.madduck.net
-  Port 22222
+Host fishbowl | fishbowl.rw.madduck.net
   CheckHostIP no
-  ForwardAgent yes
-  ForwardX11 yes
-  HostKeyAlias brick.gauting.madduck.net
+  HostKeyAlias fishbowl
+  ProxyCommand bash -c "TARGETS=$( (TRIES=%h.{mtvic,lehel,gauting,rw}.madduck.net; eval fping -aAC1 -t500 $TRIES 2>&1 & eval fping6 -aAC1 -t500 $TRIES 2>&1; wait) | sed -rne 's, : ([[:digit:]]), @\1,p' | sort -t@ -k2n | sed -ne 's, .*,,p' | tr '\n' ','); echo Targets: \$TARGETS using \${TARGETS%%%%,*} … >&2; exec nc -vq0 \${TARGETS%%%%,*} %p"
 
-Host zlinli.no-ip.org | zlinli
+Host ini | ini.dyndns.madduck.net
+  CheckHostIP no
+  HostKeyAlias ini.dyndns.madduck.net
+  HostName ini.dyndns.madduck.net
+  Port 13579
+  User christine
+
+### PHONES
+
+Host sgs7e | sgs7e.phones.*
+  Port 2222
+  User shell
+  HostName sgs7e.phones
+
+Host tethered-sgs7e
+  Port 2222
+  User shell
+  HostName 192.168.43.1
+  HostKeyAlias sgs7e.phones
+
+### LOCAL VIRT HOSTS
+
+Host red | green | blue | yellow | black | white | orange | violet | wafer
+  CanonicalDomains virt
+  CanonicalizeHostname yes
+  CanonicalizeFallbackLocal no
+  CanonicalizeMaxDots 0
+  VerifyHostKeyDNS no
   CheckHostIP no
-  Hostname zlinli.no-ip.org
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
 
-Host debian-community.org | bikeshed.debian-community.org | bikeshed
-  Hostname bikeshed.debian-community.org
-  User madduck
-  ForwardAgent no
-  ForwardX11 no
+### DEBIAN
 
-Host alioth.debian.org | alioth
-  Hostname alioth.debian.org
-  User madduck
-Host svn.debian.org
-  HostKeyAlias alioth.debian.org
-  User madduck
-Host git.debian.org
-  HostKeyAlias alioth.debian.org
-  User madduck
-Host hg.debian.org
-  HostKeyAlias alioth.debian.org
-  User madduck
-Host cvs.debian.org
-  HostKeyAlias alioth.debian.org
-  User madduck
+Host alioth.debian.org | anonscm.alioth.debian.org | svn.debian.org | git.debian.org | hg.debian.org | cvs.debian.org
+  HostKeyAlias moszumanska.debian.org
+
+Host people.debian.org | people
+  Hostname people.debian.org
+  HostKeyAlias paradis.debian.org
 
-Host malo.debian.org | malo
-  Hostname malo.debian.org
-  User madduck
-Host paer.debian.org | paer
-  Hostname paer.debian.org
-  User madduck
-Host crest.debian.org | crest
-  Hostname crest.debian.org
-  User madduck
-Host saens.debian.org | saens
-  Hostname saens.debian.org
-  User madduck
-Host spohr.debian.org | spohr
-  Hostname spohr.debian.org
-  User madduck
-Host gluck.debian.org | gluck
-  Hostname gluck.debian.org
-  User madduck
-Host elara.debian.org | elara
-  Hostname elara.debian.org
-  User madduck
-Host sarti.debian.org | sarti
-  Hostname sarti.debian.org
-  User madduck
-Host europa.debian.org | europa
-  Hostname europa.debian.org
-  User madduck
 Host master.debian.org | master
   Hostname master.debian.org
+
+Match host *.debian.org
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
   User madduck
-Host bartok.debian.org | bartok
-  Hostname bartok.debian.org
-  User madduck
-Host merulo.debian.org | merulo
-  Hostname merulo.debian.org
-  User madduck
-Host merkel.debian.org | merkel
-  Hostname merkel.debian.org
-  User madduck
-Host murphy.debian.org | murphy
-  Hostname murphy.debian.org
-  User madduck
-Host raptor.debian.org | raptor
-  Hostname raptor.debian.org
-  User madduck
-Host tartini.debian.org | tartini
-  Hostname tartini.debian.org
-  User madduck
-Host raff.debian.org | raff
-  Hostname raff.debian.org
-  User madduck
-Host klecker.debian.org | klecker
-  Hostname klecker.debian.org
-  User madduck
-Host voltaire.debian.org | voltaire
-  Hostname voltaire.debian.org
-  User madduck
-Host bruckner.debian.org | bruckner
-  Hostname bruckner.debian.org
-  User madduck
-Host kullervo.debian.org | kullervo
-  Hostname kullervo.debian.org
-  User madduck
-Host samosa.debian.org | samosa
-  Hostname samosa.debian.org
-  User madduck
-Host caballero.debian.org | caballero
-  Hostname caballero.debian.org
-  User madduck
-Host pergolesi.debian.org | pergolesi
-  Hostname pergolesi.debian.org
-  User madduck
-Host spontini.debian.org | spontini
-  Hostname spontini.debian.org
-  User madduck
-Host mayr.debian.org | mayr
-  Hostname mayr.debian.org
-  User madduck
-Host mayer.debian.org | mayer
-  Hostname mayer.debian.org
-  User madduck
-Host agnesi.debian.org | agnesi
-  Hostname agnesi.debian.org
-  User madduck
-Host puccini.debian.org | puccini
-  Hostname puccini.debian.org
-  User madduck
-Host villa.debian.org | villa
-  Hostname villa.debian.org
-  User madduck
-Host piatti.debian.org | piatti
-  Hostname piatti.debian.org
-  User madduck
-Host peri.debian.org | peri
-  Hostname peri.debian.org
-  User madduck
-Host lobos.debian.org | lobos
-  Hostname lobos.debian.org
-  User madduck
-Host wagner.debian.org | wagner
-  Hostname wagner.debian.org
-  User madduck
-Host verdi.debian.org | verdi
-  Hostname verdi.debian.org
-  User madduck
-Host ries.debian.org | ries
-  Hostname ries.debian.org
-  User madduck
-Host goetz.debian.org | goetz
-  Hostname goetz.debian.org
-  User madduck
-Host ravel.debian.org | ravel
-  Hostname ravel.debian.org
-  User madduck
-Host rietz.debian.org | rietz
-  Hostname rietz.debian.org
-  User madduck
-Host steffani.debian.org | steffani
-  Hostname steffani.debian.org
-  User madduck
-Host lebrun.debian.org | lebrun
-  Hostname lebrun.debian.org
-  User madduck
-Host liszt.debian.org | liszt
-  Hostname liszt.debian.org
-  User madduck
-Host mundy.debian.org | mundy
-  Hostname mundy.debian.org
-  User madduck
-Host albeniz.debian.org | albeniz
-  Hostname albeniz.debian.org
-  User madduck
-Host sperger.debian.org | sperger
-  Hostname sperger.debian.org
-  User madduck
-Host kassia.debian.org | kassia
-  Hostname kassia.debian.org
-  User madduck
-Host agricola.debian.org | agricola
-  Hostname agricola.debian.org
-  User madduck
-Host arcadelt.debian.org | arcadelt
-  Hostname arcadelt.debian.org
-  User madduck
-Host penalosa.debian.org | penalosa
-  Hostname penalosa.debian.org
-  User madduck
-Host argento.debian.org | argento
-  Hostname argento.debian.org
-  User madduck
-Host allegri.debian.org | allegri
-  Hostname allegri.debian.org
-  User madduck
-Host morales.debian.org | morales
-  Hostname morales.debian.org
-  User madduck
-Host auber.debian.org | auber
-  Hostname auber.debian.org
-  User madduck
-Host mahler.debian.org | mahler
-  Hostname mahler.debian.org
-  User madduck
-Host schroeder.debian.org | schroeder
-  Hostname schroeder.debian.org
-  User madduck
-Host powell.debian.org | powell
-  Hostname powell.debian.org
-  User madduck
-Host rem.debian.org | rem
-  Hostname rem.debian.org
-  User madduck
-Host smetana.debian.org | smetana
-  Hostname smetana.debian.org
-  User madduck
-Host bellini.debian.org | bellini
-  Hostname bellini.debian.org
+
+### DEBCONF
+
+Host nelson.debconf.org | penta.debconf.org | nelson | summit | summit.debconf.org
+  Hostname nelson.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host itchy.debconf.org | itchy | wafer.debconf.org | wafer
+  Hostname itchy.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+Host kent.debconf.org | kent
+  Hostname kent.debconf.org
+  ProxyJump sysyphus.madduck.net
+
+### TILDE CLUB
+
+Host remotes.club
+  Hostname remotes.club
+  Port 9022
   User madduck
 
-Host people.debian.org
-  HostKeyAlias ravel.debian.org
+Host squiggle.city
+  Hostname squiggle.city
   User madduck
 
-Host sergei.ifi.uzh.ch | sergei
-  Hostname sergei.ifi.uzh.ch
-  User krafft
-Host nikolai.ifi.uzh.ch | nikolai
-  Hostname nikolai.ifi.uzh.ch
-  User krafft
-Host franz.ifi.uzh.ch | franz
-  Hostname franz.ifi.uzh.ch
-  User krafft
-
-Host clegg-host | clegg-host.madduck.net | gratis2.opro.ch | opro
-  Hostname clegg-host.madduck.net
+### NZ
+
+Host workbuffer.org | nz
+  Hostname workbuffer.org
   User madduck
 
-Host arnold-host | arnold-host.madduck.net
-  Hostname arnold-host.madduck.net
-  User xen05
+### MISC
+
+Host github.com | github
+  Hostname github.com
+  User git
+
+Host gitlab.com | gitlab
+  Hostname gitlab.com
+  User gitlab
 
-Host skynet.skynet.ie | skynet.ie | skynet
-  Hostname skynet.skynet.ie
+Host gitlab.debian.net | git.fosscommunity.in
+  Hostname gitlab.debian.net
+  User gitlab
+
+Host grimble.mtfk.de | grimble | mtfk
+  CheckHostIP no
+  Hostname grimble.mtfk.de
+
+Host lion.mjollnir.org | lion
+  Hostname lion.mjollnir.org
   User madduck
 
-Host aika.krafftwerk.de | aika
-  Hostname aika.krafftwerk.de
+### DEFAULTS
+
+Match host *.madduck.net
+  StrictHostKeyChecking ask
+  VerifyHostKeyDNS ask
 
 Host *
-# AddressFamily any
-# BatchMode no
-# CheckHostIP yes
-  Cipher blowfish
-# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
-# ClearAllForwardings no
-# Compression no
-# CompressionLevel 6
-# ConnectionAttempts 1
+  IgnoreUnknown *
   ConnectTimeout 10
   ControlPath ~/.var/ssh/ssh_control_%l_%h_%p_%r
   ControlMaster auto
-  ControlPersist 5
-## DSAAuthentication no
-# DynamicForward off
-# EnableSSHKeysign no
-# EscapeChar ~
+  ControlPersist 30
   ExitOnForwardFailure yes
   ForwardAgent no
-  ForwardX11 no
-# ForwardX11Trusted yes
-# GatewayPorts no
-# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
+  #ForwardX11 no
+  #ForwardX11Trusted no
   HashKnownHosts no
-# HostbasedAuthentication no
-  HostKeyAlgorithms ssh-rsa
-# IdentityFile ~/.ssh/identity
-  IdentityFile2 ~/.ssh/id_rsa
-# KbdInteractiveDevices pam
-# LocalCommand none
-# LocalForward none
-# LogLevel INFO
-  MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5,hmac-md5-96
-# NoHostAuthenticationForLocalhost no
   NumberOfPasswordPrompts 2
   PasswordAuthentication yes
-# PermitLocalCommand no
-# Port 22
-# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
   Protocol 2
-# ProxyCommand
-# PubkeyAuthentication yes
-# RekeyLimit 1G-4G #depends on cipher
-# RemoteForward
-# RhostsRSAAuthentication no
-# RSAAuthentication no
-# ServerAliveCountMax 3
   ServerAliveInterval 45
-  SetupTimeOut 10
-# SmartcardDevice off
   StrictHostKeyChecking yes
-# TCPKeepAlive yes
-# Tunnel no
-# TunnelDevice any:any
-# UsePrivilegedPort no
-# UserKnownHostsFile ~/.ssh/known_hosts
-# VerifyHostKeyDNS no
+  #UpdateHostKeys no
+  VerifyHostKeyDNS ask
   VisualHostKey no
-# XAuthLocation /usr/X11R6/bin/xauth