diff --git a/.ssh/config.d/10_global b/.ssh/config.d/10_global
deleted file mode 100644
index 7dd008db4394d4749a2628ea717c85325d8880fe..0000000000000000000000000000000000000000
--- a/.ssh/config.d/10_global
+++ /dev/null
@@ -1,15 +0,0 @@
-Compression yes
-ControlMaster auto
-ControlPath ~/.ssh/%C.sock
-ControlPersist 3m
-ServerAliveInterval 30
-IdentitiesOnly yes
-ForwardAgent no
-
-# Copied from
-# https://wiki.mozilla.org/Security/Guidelines/OpenSSH?source=techstories.org#Modern
-HashKnownHosts yes
-HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
-KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
diff --git a/.ssh/config.d/20_endless b/.ssh/config.d/20_endless
index 030a5a88e448988b9abdbccefd5bdb8d6392379b..adf3b09996ff4c724edaa346c4e9cd089ed6c2da 100644
--- a/.ssh/config.d/20_endless
+++ b/.ssh/config.d/20_endless
@@ -1,6 +1,22 @@
-Host 172.31.*.* 10.*.*.* *.endlessm.com *.endlessm-sf.com endlessm.com
-User nimrod
-IdentityFile ~/.ssh/endless_ecdsa
+Host appupdates.endlessm.com irc.endlessm.com status.endlessm.com
+Port 2200
+ProxyCommand ssh vpn-router.uw2.endlessm.com -W %h:%p
+
+Host vpn-router.sf.endlessm.com
+Port 2022
+
+Host braavos.endlessm-sf.com
+KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
+MACs hmac-sha1
+User sysmgr
+
+Host ap?.endlessm-sf.com
+Ciphers aes256-cbc
+User endlessapadmin
+
+Host router.endlessm-sf.com
+ProxyCommand none
+Ciphers aes256-cbc
 
 Host 10.17.*.* home.dev.endlessm.com
 ProxyCommand ssh vpn-router.uw1.endlessm.com -W %h:%p
@@ -10,9 +26,6 @@ UserKnownHostsFile /dev/null
 StrictHostKeyChecking no
 ProxyCommand ssh vpn-router.uw2.endlessm.com -W %h:%p
 
-Host appupdates.endlessm.com irc.endlessm.com status.endlessm.com
-Port 2200
-ProxyCommand ssh vpn-router.uw2.endlessm.com -W %h:%p
-
-Host vpn-router.sf.endlessm.com
-Port 2022
+Host 172.31.*.* 10.*.*.* *.endlessm.com *.endlessm-sf.com endlessm.com
+User nimrod
+IdentityFile ~/.ssh/endless_ecdsa
diff --git a/.ssh/config.d/99_ec2 b/.ssh/config.d/90_ec2
similarity index 100%
rename from .ssh/config.d/99_ec2
rename to .ssh/config.d/90_ec2