diff --git a/fedora-minimal/fedora-minimal.sh b/fedora-minimal/fedora-minimal.sh
index 28720ea..32ca740 100644
--- a/fedora-minimal/fedora-minimal.sh
+++ b/fedora-minimal/fedora-minimal.sh
@@ -7,3 +7,7 @@ sudo curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/Kickse
 sudo curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/sysctl.d/30_security-misc.conf -o /etc/sysctl.d/30_security-misc.conf
 sudo sed -i 's/kernel.yama.ptrace_scope=2/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/30_security-misc.conf
 sudo curl --proxy http://127.00.1:8082 https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/sysctl.d/30_silent-kernel-printk.conf -o /etc/sysctl.d/30_silent-kernel-printk.conf
+
+#Setup SSH client
+echo "GSSAPIAuthentication no" > /etc/ssh/ssh_config.d/10-custom.conf
+echo "VerifyHostKeyDNS yes" >> /etc/ssh/ssh_config.d/10-custom.conf
\ No newline at end of file
diff --git a/fedora-minimal/sys-net.sh b/fedora-minimal/sys-net.sh
index 05f7131..9d9c153 100644
--- a/fedora-minimal/sys-net.sh
+++ b/fedora-minimal/sys-net.sh
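Review bot: In fedora-minimal/fedora-minimal.sh the two added `echo` lines write to `/etc/ssh/ssh_config.d/10-custom.conf` with plain `>`/`>>` redirection, while the surrounding context lines all go through `sudo`; if the script runs as an unprivileged user the redirections fail and the SSH client settings are never applied. `echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf >/dev/null`, with `sudo tee -a` for the second line, would match what the fedora/fedora.sh hunk does. Separately, `VerifyHostKeyDNS yes` (here and in the fedora/fedora.sh hunk) makes ssh accept a host key without prompting when it matches an SSHFP record that the resolver reports as DNSSEC-validated, so host authentication then rests on that resolver and the path to it. This hunk does not turn validation on for this template, and `VerifyHostKeyDNS ask` would keep the confirmation prompt. I would add a comment above the setting that states this dependency, for example `# relies on a DNSSEC-validating resolver; without one, SSHFP matches are only advisory`.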
@@ -1,11 +1,17 @@
 #!/bin/bash
-sudo dnf install -y qubes-core-agent-networking qubes-core-agent-network-manager NetworkManager-wifi network-manager-applet notification-daemon gnome-keyring @hardware-support chrony arc-theme
+dnf install -y qubes-core-agent-networking qubes-core-agent-network-manager NetworkManager-wifi network-manager-applet notification-daemon gnome-keyring @hardware-support chrony arc-theme
-sudo systemctl disable --now systemd-timesyncd
-sudo rm -rf /etc/chrony.conf
-sudo curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
-sudo systemctl enable --now chronyd
+systemctl disable --now systemd-timesyncd
+rm -rf /etc/chrony.conf
+curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
+systemctl enable --now chronyd
+
+#Force DNSSEC
+sed -i 's/#DNSSEC=no/DNSSEC=yes/g' /etc/systemd/resolved.conf
+systemctl restart systemd-resolved
+
+#Theming
 sudo mkdir -p /etc/gtk-3.0
 echo '[Settings]
diff --git a/fedora/fedora.sh b/fedora/fedora.sh
index a4a38a3..29a2d2b 100644
--- a/fedora/fedora.sh
+++ b/fedora/fedora.sh
@@ -17,6 +17,14 @@ sudo curl --proxy http://127.00.1:8082 https://raw.githubusercontent.com/Kicksec
 sudo mkdir -p /etc/systemd/system/ModemManager.service.d
 sudo curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/divestedcg/Brace/master/brace/usr/lib/systemd/system/ModemManager.service.d/99-brace.conf -o /etc/systemd/system/ModemManager.service.d/99-brace.conf
+#Setup SSH client
+echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
+echo "VerifyHostKeyDNS yes" | sudo tee -a /etc/ssh/ssh_config.d/10-custom.conf
+
+#Force DNSSEC
+sudo sed -i 's/#DNSSEC=no/DNSSEC=yes/g' /etc/systemd/resolved.conf
+sudo systemctl restart systemd-resolved
+
 # Theming
 git config --global http.proxy http://127.0.0.1:8082
 git clone https://github.com/horst3180/arc-icon-theme
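Review bot: In fedora-minimal/sys-net.sh the added `sed -i 's/#DNSSEC=no/DNSSEC=yes/g' /etc/systemd/resolved.conf` (and the identical `sudo sed` line in the fedora/fedora.sh hunk) only takes effect when the file contains exactly the commented default `#DNSSEC=no`. sed exits 0 when nothing matches, so on an image where that line is absent or worded differently, `systemd-resolved` is restarted with validation still off and the script reports nothing. A drop-in does not depend on the shipped file's contents: `mkdir -p /etc/systemd/resolved.conf.d` followed by `printf '[Resolve]\nDNSSEC=yes\n' > /etc/systemd/resolved.conf.d/10-dnssec.conf` (the file name is only an example). Inspecting `resolvectl status` after the restart would turn a silent miss into a visible one.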
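Review bot: In fedora/fedora.sh the SSH client file is built with two `tee` calls, a truncating write followed by `tee -a`, which echoes both settings to the terminal and leaves the file holding only `GSSAPIAuthentication no` if the second command fails. A single write avoids both: `printf '%s\n' 'GSSAPIAuthentication no' 'VerifyHostKeyDNS yes' | sudo tee /etc/ssh/ssh_config.d/10-custom.conf >/dev/null`. Either form replaces any existing `10-custom.conf` unconditionally, which deserves a short comment next to `#Setup SSH client`.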