{ config, ... }: {
  programs.ssh = {
    enable = true;
    enableDefaultConfig = false;
    matchBlocks = {
      "*" = {
        forwardAgent = false;
        addKeysToAgent = "yes";
        compression = false;
        serverAliveInterval = 0;
        serverAliveCountMax = 3;
        hashKnownHosts = false;
        userKnownHostsFile = "~/.ssh/known_hosts";
        controlMaster = "no";
        controlPath = "~/.ssh/master-%r@%n:%p";
        controlPersist = "no";
        identityFile = "${config.home.homeDirectory}/.ssh/id_ed25519_login";
      };
      "nixos-shell" = {
        hostname = "localhost";
        port = 2222;
        user = "git";
        identityFile = "${config.home.homeDirectory}/.ssh/id_ed25519_git";
      };
      "git" = {
        match = "User git";
        identityFile = "${config.home.homeDirectory}/.ssh/id_ed25519_git";
      };
    };
  };
  services.ssh-agent.enable = true;
}