]> ruderich.org/simon Gitweb - config/dotfiles.git/blobdiff - shell/sshd_config
ruderich.org/simon / config / dotfiles.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
shell: ssh_config, sshd_config: update algorithms
[config/dotfiles.git] / shell / sshd_config
diff --git a/shell/sshd_config b/shell/sshd_config
index 0b7d95a33ca8422a4160f65219457d1a9755cca1..acd771665b0ba8392025c76e9b44629a7b2a7e00 100644 (file)
--- a/shell/sshd_config
+++ b/shell/sshd_config
@@ -26,13 +26,11 @@ Port 22
 Protocol 2
 
 # Stronger algorithms. See ssh_config for details.
-KexAlgorithms diffie-hellman-group-exchange-sha256
+KexAlgorithms diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512
 Ciphers aes256-ctr
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
-
-# Use privilege separation for increased security. "sandbox" applies
-# additional restrictions on the unprivileged process.
-UsePrivilegeSeparation sandbox
+MACs hmac-sha2-512-etm@openssh.com
+HostKeyAlgorithms rsa-sha2-512
+PubkeyAcceptedKeyTypes -ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
 
 # Don't use PAM because it may circumvent other authentication methods used
 # below (default).
Configuration files for zsh, vim, git, mutt, herbstluftwm and a few more shell and X11 related programs