diff --git a/openssh.spec b/openssh.spec index 2ee94e1..541b393 100644 --- a/openssh.spec +++ b/openssh.spec @@ -6,7 +6,7 @@ %{?no_gtk2:%global gtk2 0} %global sshd_uid 74 -%global openssh_release 18 +%global openssh_release 19 Name: openssh Version: 8.2p1 @@ -98,6 +98,7 @@ Patch65: backport-CVE-2021-28041.patch Patch66: backport-change-convtime-form-returning-long-to-returning-int.patch Patch67: backport-change-types-in-convtime-unit-test-to-int-to-match.patch Patch68: backport-fix-possible-NULL-deref-when-built-without-FIDO.patch +Patch69: set-ssh-config.patch Requires: /sbin/nologin Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8 @@ -268,6 +269,7 @@ popd %patch66 -p1 %patch67 -p1 %patch68 -p1 +%patch69 -p1 autoreconf pushd pam_ssh_agent_auth-0.10.3 @@ -360,7 +362,6 @@ install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd -install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/ssh/ssh_config.d/05-redhat.conf install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket @@ -416,7 +417,6 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac %attr(0755,root,root) %{_bindir}/scp %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config -%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/05-redhat.conf %attr(0755,root,root) %{_bindir}/ssh-agent %attr(0755,root,root) %{_bindir}/ssh-add %attr(0755,root,root) %{_bindir}/ssh-keyscan @@ -476,6 +476,12 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %changelog +* Tue Feb 28 2023 renmingshuai - 8.2p1-19 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:set default ssh_config + * Mon Jan 09 2023 renmingshuai - 8.2p1-18 - Type:bugfix - CVE: 
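Review bot: Moving the client defaults out of `ssh_config.d/05-redhat.conf` and into `/etc/ssh/ssh_config` (Patch69 plus the two removed `05-redhat.conf` lines in `%install` and `%files`) interacts badly with `%config(noreplace)`, which the `%files` context line still sets on `ssh_config`. On an upgrade where the administrator has edited `/etc/ssh/ssh_config`, rpm should keep the local file and write the packaged one as `.rpmnew`, while the drop-in is no longer shipped. The crypto-policies include and the other defaults would then silently disappear from that host. Consider keeping the drop-in, or at least saying so in the changelog entry, e.g. `- DESC:move defaults from ssh_config.d/05-redhat.conf into ssh_config; merge ssh_config.rpmnew after upgrade`.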
diff --git a/set-ssh-config.patch b/set-ssh-config.patch
new file mode 100644
index 0000000..8da9e7e
--- /dev/null
+++ b/set-ssh-config.patch
@@ -0,0 +1,30 @@
+From 8b8319aac379d9d6f75577507e87a97a8aa8aadc Mon Sep 17 00:00:00 2001
+From: renmingshuai
+Date: Mon, 5 Sep 2022 10:33:02 +0800
+Subject: [PATCH] set-ssh-config
+
+---
+ ssh_config | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/ssh_config b/ssh_config
+index df22e2f..46b0987 100644
+--- a/ssh_config
++++ b/ssh_config
+@@ -48,4 +48,13 @@
+ #
+ # To modify the system-wide ssh configuration, create a *.conf file under
+ # /etc/ssh/ssh_config.d/ which will be automatically included below
++Match final all
++ Include /etc/crypto-policies/back-ends/openssh.config
++ GSSAPIAuthentication yes
++ ForwardX11Trusted yes
++ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
++ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
++ SendEnv LC_IDENTIFIACTION LC_ALL_LANGUAGE
++ SendEnv XMODIFIERS
++
+ Include /etc/ssh/ssh_config.d/*.conf
+--
+1.8.3.1
+
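Review bot: The `Include /etc/ssh/ssh_config.d/*.conf` line now sits after `Match final all`, and per ssh_config(5) a Match block runs until the next Host or Match keyword, so the drop-in include becomes part of that block instead of being unconditional. Drop-ins would then be read only on the final pass and after the block's own settings; because ssh keeps the first value obtained for each option, an administrator's `ForwardX11Trusted no` or stricter algorithm list in `ssh_config.d/` would no longer override these defaults. Placing the new block below the include (`Include /etc/ssh/ssh_config.d/*.conf` first, `Match final all` last) keeps those overrides effective. Separately, `SendEnv LC_IDENTIFIACTION LC_ALL_LANGUAGE` looks like a misspelling of `SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE`, so those three variables are not forwarded.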