System/home-manager/modules/programs/ssh.nix

{
  config,
  lib,
  pkgs,
  ...
}: {
  services.ssh-agent = {
   enable = true;
  };
  programs.ssh = {
    # SSH configuration
    enable = true;
    # extra config to set the ciphers
    extraConfig = ''
      Ciphers aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
    '';
    # Enable compression
    compression = true;
    # enable session reuse
    controlMaster = "auto";
    controlPersist = "10m";
    # setup agent
    addKeysToAgent = "yes";
    # Configure known hosts
    matchBlocks = {
      "tides" = {
        hostname = "150.136.87.190";
        forwardAgent = true;
      };
      "driftwood" = {
        hostname = "driftwood.stranger.systems";
        forwardAgent = true;
      };
      "static.stranger.systems" = {
        hostname = "129.153.226.221";
        user = "ubuntu";
      };
      "git.stranger.systems" = {
        user = "ubuntu";
      };
    };
  };
}