diff --git a/home/david/configurations/Akun/default.nix b/home/david/configurations/Akun/default.nix index 439a698..8fba96e 100644 --- a/home/david/configurations/Akun/default.nix +++ b/home/david/configurations/Akun/default.nix @@ -28,6 +28,7 @@ david = { wallpaper.enable = true; + programs.openssh.enable = true; }; xdg.userDirs = { @@ -85,27 +86,6 @@ just ]; - programs.ssh = { - enable = true; - hashKnownHosts = true; - extraOptionOverrides = { - HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"; - KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256"; - MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com"; - Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"; - }; - matchBlocks = { - "github.com" = { - hostname = "ssh.github.com"; - port = 443; - user = "git"; - extraOptions = { - AddKeysToAgent = "yes"; - }; - }; - }; - includes = [ config.sops.secrets.ssh-config.path ]; - }; programs.chromium = { enable = true; commandLineArgs = [ 
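Review bot: Turning on `david.programs.openssh.enable` here does not by itself restore what the removed `programs.ssh` and `sops.secrets` blocks declared unconditionally. The new module only adds `programs.ssh.includes` and the `ssh-private-key/*` secrets when `config.youthlic.programs.sops.enable` is also true, and nothing visible in this diff sets that for Akun. If that option is off, or is not defined in the same option tree as the `david.*` options used here, the host silently loses its keys and the sops-managed ssh-config include. Either set it explicitly next to this line, or have the module emit a `warnings` entry when openssh is enabled without sops. The same applies to the matching hunk in `Tytonidae/default.nix`.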
@@ -114,27 +94,4 @@ "--enable-features=UseOzonePlatform" ]; }; - sops.secrets = { - "ssh-private-key/tytonidae" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_tytonidae"; - }; - "ssh-private-key/akun" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_akun"; - }; - "ssh-private-key/cape" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_cape"; - }; - "ssh-private-key/deploy" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_deploy"; - }; - "ssh-config" = { - mode = "0400"; - format = "yaml"; - sopsFile = rootPath + "/secrets/ssh-config.yaml"; - }; - }; } diff --git a/home/david/configurations/Tytonidae/default.nix b/home/david/configurations/Tytonidae/default.nix index cfc345d..8c52a88 100644 --- a/home/david/configurations/Tytonidae/default.nix +++ b/home/david/configurations/Tytonidae/default.nix @@ -37,6 +37,7 @@ david = { wallpaper.enable = true; + programs.openssh.enable = true; }; xdg.userDirs = { 
@@ -92,27 +93,7 @@ viu just ]; - programs.ssh = { - enable = true; - hashKnownHosts = true; - extraOptionOverrides = { - HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"; - KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256"; - MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com"; - Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"; - }; - matchBlocks = { - "github.com" = { - hostname = "ssh.github.com"; - port = 443; - user = "git"; - extraOptions = { - AddKeysToAgent = "yes"; - }; - }; - }; - includes = [ config.sops.secrets.ssh-config.path ]; - }; + programs.chromium = { enable = true; commandLineArgs = [ @@ -127,29 +108,4 @@ uris = [ "qemu:///system" ]; }; }; - - sops.secrets = { - "ssh-private-key/tytonidae" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_tytonidae"; - }; - "ssh-private-key/akun" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_akun"; - }; - "ssh-private-key/cape" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_cape"; - }; - "ssh-private-key/deploy" = { - mode = "0600"; - path = "${config.home.homeDirectory}/.ssh/id_ed25519_deploy"; - }; - "ssh-config" = { - mode = "0400"; - format = "yaml"; - sopsFile = rootPath + "/secrets/ssh-config.yaml"; - }; - }; - } diff --git a/home/david/modules/default.nix b/home/david/modules/default.nix index 989300c..882ebe7 100644 --- a/home/david/modules/default.nix +++ b/home/david/modules/default.nix 
@@ -1,7 +1,8 @@
 { pkgs, ... }:
 {
 imports = [
- ./wallpaper
+ ./wallpaper.nix
+ ./programs
 ];
 config = {
 home.packages = with pkgs; [
diff --git a/home/david/modules/programs/default.nix b/home/david/modules/programs/default.nix
new file mode 100644
index 0000000..29f07f6
--- /dev/null
+++ b/home/david/modules/programs/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ imports = [
+ ./openssh.nix
+ ];
+}
diff --git a/home/david/modules/programs/openssh.nix b/home/david/modules/programs/openssh.nix
new file mode 100644
index 0000000..11e1082
--- /dev/null
+++ b/home/david/modules/programs/openssh.nix
@@ -0,0 +1,67 @@
+{
+ rootPath,
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.david.programs.openssh;
+in
+{
+ options = {
+ david.programs.openssh = {
+ enable = lib.mkEnableOption "openssh";
+ };
+ };
+ config = lib.mkMerge [
+ (lib.mkIf cfg.enable {
+ programs.ssh = {
+ enable = true;
+ hashKnownHosts = true;
+ extraOptionOverrides = {
+ HostKeyAlgorithms = "ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256";
+ KexAlgorithms = "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256";
+ MACs = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com";
+ Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr";
+ };
+ matchBlocks = {
+ "github.com" = {
+ hostname = "ssh.github.com";
+ port = 443;
+ user = "git";
+ extraOptions = {
+ AddKeysToAgent = "yes";
+ };
+ };
+ };
+ };
+
+ })
+ (lib.mkIf (cfg.enable && config.youthlic.programs.sops.enable) {
+ programs.ssh.includes = [ config.sops.secrets.ssh-config.path ];
+ sops.secrets = {
+ "ssh-private-key/tytonidae" = {
+ mode = "0600";
+ path = "${config.home.homeDirectory}/.ssh/id_ed25519_tytonidae";
+ };
+ "ssh-private-key/akun" = {
+ mode = "0600";
+ path = "${config.home.homeDirectory}/.ssh/id_ed25519_akun";
+ };
+ "ssh-private-key/cape" = {
+ mode = "0600";
+ path = "${config.home.homeDirectory}/.ssh/id_ed25519_cape";
+ };
+ "ssh-private-key/deploy" = {
+ mode = "0600";
+ path = "${config.home.homeDirectory}/.ssh/id_ed25519_deploy";
+ };
+ "ssh-config" = {
+ mode = "0400";
+ format = "yaml";
+ sopsFile = rootPath + "/secrets/ssh-config.yaml";
+ };
+ };
+ })
+ ];
+}
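Review bot: The `HostKeyAlgorithms` override in the first `lib.mkIf` block still lists `ssh-rsa` and `ssh-rsa-cert-v01@openssh.com`, the SHA-1 RSA signature schemes that OpenSSH 8.8 and later disable by default, and `extraOptionOverrides` applies the list to every host. Because they sit ahead of the ECDSA entries, a server that has only RSA and ECDSA host keys may negotiate the SHA-1 scheme. I would replace them with the SHA-2 variants, `rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com` and `rsa-sha2-512,rsa-sha2-256`. Separately, the second `lib.mkIf` block installs all four `ssh-private-key/*` secrets on every host that enables the module. If these are per-host identities, a compromise of one machine exposes the others' keys, including `deploy`, so a per-host key list option would limit that.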
diff --git a/home/david/modules/wallpaper/default.nix b/home/david/modules/wallpaper.nix
similarity index 100%
rename from home/david/modules/wallpaper/default.nix
rename to home/david/modules/wallpaper.nix