From 8fab449d59c0cc250464c03d085625141b4b12a6 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Sun, 5 Jan 2014 23:27:18 +0100 Subject: [PATCH] ssh_config: Use stronger algorithms. --- ssh_config | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/ssh_config b/ssh_config index 4f239be..2d27284 100644 --- a/ssh_config +++ b/ssh_config @@ -3,7 +3,7 @@ # Some options are set even if they are default to prevent /etc/ssh/ssh_config # from overwriting them. -# Copyright (C) 2011-2013 Simon Ruderich +# Copyright (C) 2011-2014 Simon Ruderich # # This file is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by 
@@ -32,6 +32,32 @@ Host * # Force protocol version 2 which is more secure (default). Protocol 2 +# Use stronger algorithms. If some hosts require weaker versions then use Host +# groups to enable them only for those specific machines. + +# Don't use SHA1 and disable elliptic curves whose security regarding the +# parameters is still in debate. + KexAlgorithms diffie-hellman-group-exchange-sha256 +# Use stronger cipher versions. Disable CBC ciphers to prevent (unlikely) +# plaintext recovery attack [1], disable RC4 because it's broken [2]; this +# leaves only AES. No GCM ciphers yet because they are still very new. +# +# [1]: http://www.openssh.com/txt/cbc.adv +# [2]: http://www.schneier.com/blog/archives/2013/03/new_rc4_attack.html + Ciphers aes256-ctr +# Don't use weak MACs like MD5 or SHA1. However strong MACs are not as +# important as strong ciphers because an attacker must be able to break a MAC +# in real time to modify the data in transmit. Prefer "-etm" algorithms which +# use encrypt-then-mac which is more secure than the default encrypt-and-mac +# in SSH [1] (available since 6.2). +# +# [1]: http://cseweb.ucsd.edu/~mihir/papers/oem.html + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512 +# Disable DSA host keys because they are weak (only 1024 bit) and elliptic +# curves. I don't need certificates, therefore disables those algorithms as +# well (*-cert-*). + HostKeyAlgorithms ssh-rsa + # Disable X11 and agent forwarding for security reasons (defaults). ForwardX11 no ForwardAgent no -- 2.45.2
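Review bot: The new KexAlgorithms, Ciphers and HostKeyAlgorithms lines in the second hunk each pin a single value under `Host *`, so a server that lacks diffie-hellman-group-exchange-sha256, aes256-ctr or an RSA host key fails negotiation with no fallback, and the only guidance is the sentence "use Host groups to enable them only for those specific machines". Consider adding a commented-out example Host block that shows such an override, and saying in that comment that it has to appear before this `Host *` section, because ssh_config uses the first value obtained for each option. Smaller documentation points in the same hunk: the footnote label [1] is used twice for different URLs (cbc.adv in the Ciphers comment, oem.html in the MACs comment), so the MACs reference could be numbered [3]; "in transmit" should read "in transit"; and "therefore disables those algorithms" should read "therefore disable those algorithms".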