diff --git a/m/apex/configuration.nix b/m/apex/configuration.nix
index fdddb676..82d38422 100644
--- a/m/apex/configuration.nix
+++ b/m/apex/configuration.nix
@@ -56,14 +56,6 @@
     };
   };
 
-  # Use SSH tunnel to reach internal hosts
-  programs.ssh.extraConfig = ''
-    Host knights3.bsc.es
-      ProxyCommand nc -X connect -x localhost:23080 %h %p
-    Host tent
-      ProxyJump raccoon
-  '';
-
   networking.firewall = {
     extraCommands = ''
       # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our
diff --git a/m/common/ssf.nix b/m/common/ssf.nix
index 8e8dc6b4..5c9d8477 100644
--- a/m/common/ssf.nix
+++ b/m/common/ssf.nix
@@ -5,6 +5,5 @@
     ./ssf/fs.nix
     ./ssf/hosts.nix
     ./ssf/net.nix
-    ./ssf/ssh.nix
   ];
 }
diff --git a/m/common/ssf/ssh.nix b/m/common/ssf/ssh.nix
deleted file mode 100644
index c2f0d71e..00000000
--- a/m/common/ssf/ssh.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-  # Use SSH tunnel to apex to reach internal hosts
-  programs.ssh.extraConfig = ''
-    Host tent
-      ProxyJump raccoon
-
-    # Access raccoon via the HTTP proxy
-    Host raccoon knights3.bsc.es
-      HostName knights3.bsc.es
-      ProxyCommand=ssh apex 'nc -X connect -x localhost:23080 %h %p'
-  '';
-}
diff --git a/m/fox/configuration.nix b/m/fox/configuration.nix
index d73f9dc6..e890ba54 100644
--- a/m/fox/configuration.nix
+++ b/m/fox/configuration.nix
@@ -45,12 +45,6 @@
 
   services.fail2ban.enable = true;
 
-  # Use SSH tunnel to reach internal hosts
-  programs.ssh.extraConfig = ''
-    Host tent
-      ProxyJump raccoon
-  '';
-
   networking = {
     timeServers = [ "ntp1.upc.edu" "ntp2.upc.edu" ];
     hostName = "fox";