diff --git a/README.md b/README.md
index b29c59b565105b2305125ccbcd767c46be9aeb94..4a3678e2fb1284171c6ee05befb45fae275c6f98 100644
--- a/README.md
+++ b/README.md
@@ -33,12 +33,18 @@ Run `mkdir .direnv && direnv allow .` to enable direnv integration with nix flak
 
 Some hosts are only reachable through a jumphost, e.g. Containers or VMs on a
 proxmox. To access them, this playbook assumes you have configured an SSH alias
-in your ssh_config (`~/.ssh/config`) like so:
+in your ssh_config (`~/.ssh/config`)
 ```
 host *.vm.freifunk-stuttgart.de
         proxyjump nrb@jumphost.freifunk-stuttgart.de
         user root
 ```
+To get access to all machines, add to your .ssh/config the contents of `ssh_config`
+instead of the above mentioned lines, e.g. by including it, adjust the path:
+```
+Host *
+Include ~/git/freifunk/infrastruktur-ansible/ssh-config
+```
 
 ### Vault
 
diff --git a/ssh_config b/ssh_config
new file mode 100644
index 0000000000000000000000000000000000000000..f589d3fae72b9051c1ce45ac206b373de79195a4
--- /dev/null
+++ b/ssh_config
@@ -0,0 +1,192 @@
+Host ffs10 ffs10.freifunk-stuttgart.de
+	Hostname 10.0.3.110
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host cloud01.freifunk-stuttgart.de cloud.freifunk-stuttgart.de
+	Hostname 10.0.3.164
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host core01-z10a.vm.freifunk-stuttgart.de
+	Hostname 10.0.8.177
+	ProxyJump ffs08.freifunk-stuttgart.de
+Host core02-z10a.vm.freifunk-stuttgart.de
+	Hostname 10.0.13.179
+	ProxyJump ffs13.freifunk-stuttgart.de
+Host db-postgres01.freifunk-stuttgart.de
+	Hostname 10.0.3.224
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host dhcp03.gw.freifunk-stuttgart.de
+	ControlMaster no
+	ControlPath none
+	ProxyJump gw05n02.gw.freifunk-stuttgart.de
+	Port 44353
+Host dhcp04.freifunk-stuttgart.de
+	Hostname 10.0.3.254
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host dns01.freifunk-stuttgart.de
+	AddressFamily inet6
+	ProxyJump tunnel.lihas.de
+Host dns02.as208772.net
+	AddressFamily inet6
+	ProxyJump tunnel.lihas.de
+Host dns03.freifunk-stuttgart.eu
+	AddressFamily inet6
+	ProxyJump tunnel.lihas.de
+Host esslingen-web01.freifunk-stuttgart.de
+	Hostname 10.0.3.239
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host firmware.freifunk-stuttgart.de
+	Hostname 10.0.3.195
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host ffs03-reverse-proxy.ffs03.freifunk-stuttgart.de
+	Hostname 10.0.3.91
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host ffs05
+	HostName ffs05.freifunk-stuttgart.de
+Host ffs08
+	HostName ffs08.freifunk-stuttgart.de
+Host ffs09
+	HostName ffs09.freifunk-stuttgart.de
+Host ffs10
+	HostName ffs10.freifunk-stuttgart.de
+Host ffs11
+	HostName ffs11.freifunk-stuttgart.de
+Host ffs-lihas01
+	HostName fd21:b4dc:4b08:0:f6ec:38ff:fef1:63a
+Host ffs-lihas02
+	HostName fd21:b4dc:4b08:0:a2f3:c1ff:fe8c:2112
+Host ffs-lihas03
+	HostName fd21:b4dc:4b08:0:e695:6eff:fe40:d145
+Host ffs-lihas05
+	HostName fd21:b4dc:4b08:0:e695:6eff:fe4d:2a6f
+Host ffs-salt-master.ffs03.freifunk-stuttgart.de
+	Hostname 10.0.3.3
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host gitlab01.freifunk-stuttgart.de ssh.gitlab.freifunk-stuttgart.de
+	Hostname 10.0.3.220
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host gitlab-runner02.ffs03.freifunk-stuttgart.de
+	Hostname 10.0.3.225
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host grafana.freifunk-stuttgart.de
+	Hostname 10.0.3.237
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host gw04n05.gw.freifunk-stuttgart.de gw04n05.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.45
+	ProxyJump ffs11.freifunk-stuttgart.de
+Host gw04n06.gw.freifunk-stuttgart.de gw04n06.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.46
+	ProxyJump ffs05.freifunk-stuttgart.de
+Host letsencrypt.freifunk-stuttgart.de letsencrypt.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.239
+	ProxyJump ffs11.freifunk-stuttgart.de
+Host mailbox.freifunk-stuttgart.de mailbox.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.233
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host mailexpand.freifunk-stuttgart.de mailexpand.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.202
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host mailgw01.freifunk-stuttgart.de mailgw01.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.230
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host mailgw02.freifunk-stuttgart.de mailgw02.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.231
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host maillist.freifunk-stuttgart.de maillist.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.232
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host mariadb01.freifunk-stuttgart.de
+	Hostname 10.0.3.238
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host meshviewer01.freifunk-stuttgart.de meshviewer01.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.169
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host pad.freifunk-stuttgart.de
+	Hostname 10.0.3.182
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host passbolt.freifunk-stuttgart.de
+	Hostname 10.0.3.235
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host pbs01.freifunk-stuttgart.de
+	Hostname 10.0.3.194
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host prometheus02.freifunk-stuttgart.de
+	Hostname 10.0.3.173
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host revproxy-03.ffs03.freifunk-stuttgart.de revproxy-03.freifunk-stuttgart.de
+	Hostname 10.0.3.213
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host revproxy-05.ffs03.freifunk-stuttgart.de revproxy-05.freifunk-stuttgart.de
+	Hostname 10.0.3.213
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host sso01.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.203
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host test01.freifunk-stuttgart.de
+	Hostname 10.0.3.191
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host ticket.freifunk-stuttgart.de
+	Hostname 10.0.3.234
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host unifi.freifunk-stuttgart.de unifi.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.222
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host unms.freifunk-stuttgart.de
+	Hostname 10.0.3.223
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host voip-incoming-01.freifunk-stuttgart.de
+	Hostname 10.0.3.181
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host wiki.freifunk-stuttgart.de
+	Hostname 10.0.3.221
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host wiki-testing.freifunk-stuttgart.de
+	Hostname 10.0.3.194
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host www-beuren.ffs03.freifunk-stuttgart.de
+	Hostname 10.0.3.163
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host www-prod.ffs03.freifunk-stuttgart.de
+	Hostname 10.0.3.228
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host www-staging.freifunk-stuttgart.de
+	Hostname 10.0.3.226
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host yanic01.freifunk-stuttgart.de yanic01.vm.freifunk-stuttgart.de
+	Hostname 10.0.3.236
+	ProxyJump jumphost.freifunk-stuttgart.de
+Host *.ffs03.freifunk-stuttgart.de
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@ffs03.freifunk-stuttgart.de 'HNAME=%h; nc ${HNAME%%%%.ffs03.freifunk-stuttgart.de} %p'
+Host *.ffs05
+	ControlMaster no
+	ControlPath none
+	User root
+	ProxyCommand ssh -a root@ffs05.freifunk-stuttgart.de -W 10.0.3.$(( $(echo %n | sed -e 's/.ffs05//') - 3000 )):22
+Host *.ffs03
+    User root
+    ProxyCommand ssh ffs03 -W 10.0.3.$(( $(echo %n | sed -e 's/.ffs03//') - 3000 )):22
+Host *.ffs11
+    User root
+    ProxyCommand ssh ffs03 -W 10.0.3.$(( $(echo %n | sed -e 's/.ffs11//') - 3000 )):22
+Host *.ffs05.freifunk-stuttgart.de
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@ffs05.freifunk-stuttgart.de 'HNAME=%h; nc ${HNAME%%%%.ffs05.freifunk-stuttgart.de} %p'
+Host *.ffs11
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@ffs11.freifunk-stuttgart.de -W 10.0.3.$(( $(echo %n | sed -e 's/.ffs11//') - 3000 )):22
+Host *.ffs11.freifunk-stuttgart.de
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@ffs11.freifunk-stuttgart.de 'HNAME=%h; nc ${HNAME%%%%.ffs11.freifunk-stuttgart.de} %p'
+Host *.ffs04.freifunk-stuttgart.de
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@ffs04.freifunk-stuttgart.de 'HNAME=%h; nc ${HNAME%%%%.ffs04.freifunk-stuttgart.de} %p'
+Host *.ffs
+  ControlMaster no
+  ControlPath none
+  ProxyCommand ssh -a root@gw05n02.gw.freifunk-stuttgart.de 'HNAME=%h; nc ${HNAME%%%%.ffs} %p'
+host *.vm.freifunk-stuttgart.de
+        ProxyJump jumphost.freifunk-stuttgart.de