diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e7f24ef65dfa5303168fdcc2a4df7c9799106b17
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1 @@
+tunnel_user_name: 'systunnel'
diff --git a/templates/ssh_config b/templates/ssh_config
index d4bef33ad0761d49dc829078b55b3e9e75ddae0e..af81dc03fcb6327871bc930bfdfa1765718a5947 100644
--- a/templates/ssh_config
+++ b/templates/ssh_config
@@ -1,13 +1,15 @@
 # See all parameters at http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config
 
 StrictHostKeyChecking no
-ForwardAgent yes
+ForwardAgent no
 
 {% for host in commonauth_extras|default([]) %}
-{% if host.certfile is defined %}
+{% if host.ssh is defined %}
 {% for name in host.names %}
 Host {{ name }}
-  IdentityFile ~/.ssh/{{ host.certfile }}
+{% for key, value in host.ssh.iteritems() %}
+  {{ key }} {{ value }}
+{% endfor %}
 
 {% endfor %}
 {% endif %}