From: Simon Ruderich <simon@ruderich.org>
Date: Mon, 6 Jan 2014 13:39:15 +0000 (+0100)
Subject: sshd_config: Use stronger algorithms.
X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=81a30e7244613930a0fd0750f7d48109fc12f732;hp=b7a761aa3677916ec29d53e5807aa0c5df91b03e;p=config%2Fdotfiles.git

sshd_config: Use stronger algorithms.
---

diff --git a/sshd_config b/sshd_config
index dbb774e..47d8577 100644
--- a/sshd_config
+++ b/sshd_config
@@ -25,6 +25,11 @@ Port 22
 # Only use protocol 2. Protocol 1 is insecure. (default)
 Protocol 2
 
+# Stronger algorithms. See ssh_config for details.
+KexAlgorithms diffie-hellman-group-exchange-sha256
+Ciphers aes256-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
+
 # Use privilege separation for increased security. "sandbox" applies
 # additional restrictions on the unprivileged process.
 UsePrivilegeSeparation sandbox