{
  config,
  lib,
  pkgs,
  ...
}: {
  programs.ssh = {
    # SSH configuration
    enable = true;
    # extra config to set the ciphers
    extraConfig = ''
      Ciphers aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
    '';
    # Enable compression
    compression = true;
    # enable session reuse
    controlMaster = "auto";
    controlPersist = "10m";
    # Configure known hosts
    matchBlocks = {
      # rsync.net
      "de1955" = {
        hostname = "de1955.rsync.net";
        user = "de1955";
      };
      # my nixos machines
      "tides" = {
        hostname = "150.136.87.190";
        forwardAgent = true;
      };
      "driftwood" = {
        hostname = "driftwood.stranger.systems";
        forwardAgent = true;
      };
      # Other Machines
      "static.stranger.systems" = {
        hostname = "129.153.226.221";
        user = "ubuntu";
      };
      "git.stranger.systems" = {
        user = "ubuntu";
      };
    };
  };
}