From ff06c1478ad7cd3206c0e081518427071e7d4271 Mon Sep 17 00:00:00 2001
From: Eric Teunis de Boone <ericteunis@deboone.nl>
Date: Mon, 5 Sep 2022 10:58:03 +0200
Subject: [PATCH] [git] enable known_hosts.d file checking

---
 .install.conf.yaml | 2 ++
 ssh/config         | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/.install.conf.yaml b/.install.conf.yaml
index 08bda0f..6e2eeb0 100644
--- a/.install.conf.yaml
+++ b/.install.conf.yaml
@@ -37,6 +37,8 @@
 - create:
     ~/.ssh/keys/:
         mode: 0700
+    ~/.ssh/known_hosts.d:
+        mode: 0700
 
 - shell:
     -
diff --git a/ssh/config b/ssh/config
index 5d2904c..a3695f6 100644
--- a/ssh/config
+++ b/ssh/config
@@ -3,5 +3,9 @@ Include ~/.ssh/config.d/*
 
 # Defaults
 Host *
-IdentitiesOnly yes
-IdentityFile ~/.ssh/keys/%h
+	ForwardAgent no
+	ForwardX11 no
+	IdentitiesOnly yes
+	IdentityFile ~/.ssh/keys/%h
+	UserKnownHostsFile ~/.ssh/known_hosts ~/.ssh/known_hosts.d/%h ~/.ssh/known_hosts2
+	UpdateHostKeys ask