diff --git a/hm/common.nix b/hm/common.nix
index f8afb9f..f291247 100644
--- a/hm/common.nix
+++ b/hm/common.nix
@@ -274,8 +274,8 @@ in
           ".mypy_cache"
         ];
         lfs.enable = true;
-        userEmail = "geoffrey@frogeye.fr";
-        userName = "Geoffrey “Frogeye” Preud'homme";
+        userEmail = lib.mkDefault "geoffrey@frogeye.fr";
+        userName = lib.mkDefault "Geoffrey Frogeye";
         extraConfig = {
           core = {
             editor = "nvim";
diff --git a/hm/ssh.nix b/hm/ssh.nix
new file mode 100644
index 0000000..f085041
--- /dev/null
+++ b/hm/ssh.nix
@@ -0,0 +1,24 @@
+{ ... }:
+{
+  config = {
+    programs.ssh = {
+      enable = true;
+      controlMaster = "auto";
+      controlPersist = "60s"; # TODO Default is 10minutes... makes more sense no?
+      # Ping the server frequently enough so it doesn't think we left (non-spoofable)
+      serverAliveInterval = 30;
+      matchBlocks."*" = {
+        # Do not forward the agent (-A) to a machine by default,
+        # as it is kinda a security concern
+        forwardAgent = false;
+        # Restrict terminal features (servers don't necessarily have the terminfo for my cutting edge terminal)
+        sendEnv = [ "!TERM" ];
+        # TODO Why not TERM=xterm-256color?
+        extraOptions = {
+          # Check SSHFP records
+          VerifyHostKeyDNS = "yes";
+        };
+      };
+    };
+  };
+}