# Ensure KnownHosts are unreadable if leaked - it is otherwise easier to know which hosts your keys have access to.
HashKnownHosts yes
# Host keys the client accepts - order here is honored by OpenSSH
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp256,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

Host *
	UseRoaming no
	IdentitiesOnly yes
	Compression yes

Host server.tld
	HostName server.tld
	Port port
	User user
	IdentityFile /path/to/ssh/key

Host aur.archlinux.org
	HostName aur.archlinux.org
	User aur
	IdentityFile /path/to/ssh/key

Host bitbucket.org
	User git
	HostName bitbucket.org
	IdentityFile /path/to/ssh/key

Host github.com gist.github.com
	User git
	HostName github.com
	IdentityFile /path/to/ssh/key

Host gitlab.com
	User username
	HostName gitlab.com
	IdentityFile /path/to/ssh/key