# Added by OrbStack: 'orb' SSH host for Linux machines
# This only works if it's at the top of ssh_config (before any Host blocks).
# This won't be added again if you remove it.
Include ~/.orbstack/ssh/config

# Universal Settings
Protocol 2

Host *
    # Add the post-quantum (PQ) KEX algorithms to the front of the default list.
    # The client will try them in this order before falling back to standard ones.
    # The (+) syntax requires OpenSSH 7.8 or newer.
    KexAlgorithms +mlkem768x25519-sha256,sntrup761x25519-sha512@openssh.com

# Permit Local Overrides
Include ~/.ssh/config.d/*

# SSH known host hashing doesn't buy much with shell history, etc.
HashKnownHosts no

# Enable canonicalization, unless overridden
CanonicalizeHostname        always
CanonicalizeFallbackLocal   yes
CanonicalDomains            systemoverlord.com
CanonicalizeMaxDots         0

Host *.cloudshell.dev
  # Cloudshell hostnames are too long for unix sockets
  ControlMaster no

Match exec "test -d \"$XDG_RUNTIME_DIR\" && mkdir -p $XDG_RUNTIME_DIR/sshsock" final
  ControlPath ${XDG_RUNTIME_DIR}/sshsock/%C

# Anything set earlier will take precedence, so these are defaults
Match final
  CheckHostIP                 no
  ControlMaster               auto
  ControlPath                 ~/.ssh/master/%r@%h:%p
  ControlPersist              yes
  ForwardAgent                no
  ForwardX11                  no
  ForwardX11Trusted           no
  ServerAliveInterval         30
  ServerAliveCountMax         3
  UpdateHostKeys              yes
  User                        david
  VerifyHostKeyDNS            ask
