# SSH configuration file.
#
# Some options are set even if they are default to prevent /etc/ssh/ssh_config
# from overwriting them.

# Copyright (C) 2011-2020 Simon Ruderich
#
# This file is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This file is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this file. If not, see .


# Undocumented (and not very well tested) feature. This drops the connection
# after 5 seconds of inactivity. Thanks to shad0VV in #openssh on Freenode
# (2012-11-04 18:40 CET) for telling me about this undocumented feature.
#
# ServerAliveCountMax 0
# ServerAliveInterval 5


# Options are parsed top-to-bottom, the first matching option is used. Later
# assignments to the same option are ignored; thanks to anonJD in #openssh on
# Freenode (2011-05-18 21:40 CEST) for letting me know. Therefore put all
# affected host-specific rules here, before the global rules.
#
# For example, to change the MACs option for a specific host, use:
#
# Host host
#     # Old SSH daemon which needs SHA1 (SHA-512 in case it gets updated).
#     MACs hmac-sha2-512,hmac-sha1


# Rules for all hosts.
Host *

    # Force protocol version 2 which is more secure (default).
    Protocol 2

    # Use stronger algorithms. If some hosts require weaker versions then use
    # Host groups to enable them only for those specific machines.

    # Don't use SHA1 and disable elliptic curves whose security regarding the
    # parameters is still in debate.
    KexAlgorithms diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512

    # Use stronger cipher versions. Disable CBC ciphers to prevent (unlikely)
    # plaintext recovery attack [1], disable RC4 because it's broken [2]; this
    # leaves only AES. No GCM ciphers yet because they are still very new.
    #
    # [1]: http://www.openssh.com/txt/cbc.adv
    # [2]: http://www.schneier.com/blog/archives/2013/03/new_rc4_attack.html
    Ciphers aes256-ctr

    # Don't use weak MACs like MD5 or SHA1. However, strong MACs are not as
    # important as strong ciphers because an attacker must be able to break a
    # MAC in real time to modify the data in transit. Prefer "-etm" algorithms,
    # which use encrypt-then-MAC, which is more secure than the default
    # encrypt-and-MAC in SSH [1] (available since 6.2).
    #
    # [1]: http://cseweb.ucsd.edu/~mihir/papers/oem.html
    MACs hmac-sha2-512-etm@openssh.com

    # Disable ssh-rsa which is vulnerable to recent chosen-prefix attacks
    # against SHA1 [1][2]. Disable elliptic curves whose security regarding
    # the parameters is still in debate. I don't need certificates, therefore
    # disable those algorithms as well (*-cert-*).
    #
    # [1]: https://www.openssh.com/txt/release-8.2
    # [2]: "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
    #      Application to the PGP Web of Trust", Leurent, G. and Peyrin, T.
    #      (2020), https://eprint.iacr.org/2020/014.pdf
    HostKeyAlgorithms rsa-sha2-512

    # Also disable weak algorithms for public key authentication. Use a
    # blacklist because multiple algorithms might be already in use.
    PubkeyAcceptedKeyTypes -ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com

    # Disable X11 and agent forwarding for security reasons (defaults).
    ForwardX11 no
    ForwardAgent no
    # Don't trust remote X11 clients. If enabled, this allows bad admins
    # complete access to local X11!
    ForwardX11Trusted no

    # Disable authentication methods I don't use.
    ChallengeResponseAuthentication no
    GSSAPIAuthentication no
    HostbasedAuthentication no
    KbdInteractiveAuthentication no
    # Only enable those I need.
    PasswordAuthentication yes
    PubkeyAuthentication yes

    # Use only authentication identity files configured in ~/.ssh/config even
    # if ssh-agent offers more identities.
    IdentitiesOnly yes

    # Bind local forwardings to loopback only. This way no remote hosts can
    # access them (default).
    GatewayPorts no
    # Abort if not all requested port forwardings can be set up.
    ExitOnForwardFailure yes

    # Allow using -M (ControlMaster) to create a master SSH session which
    # "tunnels" other connections to the same host, thus reducing the number
    # of authentications (which are relatively slow) and TCP connections. The
    # master sockets are stored in ~/.ssh (by default ControlPath is not set).
    # Using %r (remote user name) might leak information to other users on
    # the current system (e.g. via netstat or lsof).
    ControlPath ~/.ssh/master/%l-%h-%p-%r
    # Automatically create a new master session if there's none yet or use an
    # existing one. This way the user doesn't have to use -M to enable a
    # master manually. Don't set this option to "yes" or all SSH commands try
    # to become the master session, which is obviously not possible.
    ControlMaster auto
    # When the connection for a master is closed (e.g. logout of remote
    # shell), move the master connection into the background. If there's no
    # other active connection using the master, close it after x seconds.
    # This prevents the client of the master connection from blocking because
    # it waits for all connections using it to terminate, which is very
    # annoying. The timeout prevents stale master connections.
    ControlPersist 10

    # Don't permit running local commands (default).
    PermitLocalCommand no
    # Don't send any environment variables (default).
    SendEnv

    # Don't hash any hosts in ~/.ssh/known_hosts. It doesn't help if the ssh
    # hosts are stored in the shell's history file or in this file as
    # shortcuts, so it's rather useless (default).
    HashKnownHosts no
    # Ask to update the known hosts when the server sends additional host keys
    # (default, currently incompatible with ControlPersist).
    UpdateHostKeys ask
    # Check host IP in known_hosts when connecting to detect DNS spoofing
    # (default).
    CheckHostIP yes
    # Ask before adding any host keys to ~/.ssh/known_hosts (default).
    StrictHostKeyChecking ask
    # Check host keys from DNS' SSHFP resource records but apply
    # StrictHostKeyChecking before trusting them.
    VerifyHostKeyDNS ask
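The first-match rule that the comments above rely on (host-specific rules must come before `Host *` or they are silently ignored) is easy to get wrong. The following resolver is an added example, not part of this config file or of OpenSSH; it re-implements the ordering and host-pattern semantics on a constructed sample config so the effect can be checked offline.

```python
import fnmatch
# Constructed sample config (not the page's file): the MACs rule before
# "Host *" wins; the one after "Host *" is ignored because MACs is already set.
SAMPLE_CONFIG = """
Host legacy.example
    MACs hmac-sha2-512,hmac-sha1
Host *
    Ciphers aes256-ctr
    MACs hmac-sha2-512-etm@openssh.com
Host too-late.example
    MACs hmac-sha1   # never applied: "Host *" above already set MACs
"""

def parse_blocks(text):
    """Split ssh_config text into (host patterns, [(keyword, value), ...])."""
    blocks, patterns, options = [], ["*"], []  # lines before any Host apply to all
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments and whitespace
        if not line:
            continue
        parts = line.split(None, 1)
        keyword, value = parts[0].lower(), (parts[1] if len(parts) > 1 else "")
        if keyword == "host":
            blocks.append((patterns, options))
            patterns, options = value.split(), []
        else:
            options.append((keyword, value))
    blocks.append((patterns, options))
    return blocks

def host_matches(hostname, patterns):
    """'*'/'?' globs; a matching '!' pattern vetoes the whole Host line."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(hostname, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(hostname, pat):
            matched = True
    return matched

def effective_options(text, hostname):
    """First match wins: later assignments to an already-set keyword are ignored."""
    result = {}
    for patterns, options in parse_blocks(text):
        if host_matches(hostname, patterns):
            for keyword, value in options:
                result.setdefault(keyword, value)
    return result
```

To confirm what the real client resolves for a host, `ssh -G hostname` prints the configuration ssh would actually use after evaluating the Host blocks.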