X-Git-Url: https://ruderich.org/simon/gitweb/?p=config%2Fdotfiles.git;a=blobdiff_plain;f=shell%2Fsshd_config;fp=shell%2Fsshd_config;h=acd771665b0ba8392025c76e9b44629a7b2a7e00;hp=0b7d95a33ca8422a4160f65219457d1a9755cca1;hb=acbc561fcc66fcfc1a013cab4033fa272f7c5643;hpb=9e4b2aff9242c3e72c714c3bf01c670b576e6627

diff --git a/shell/sshd_config b/shell/sshd_config
index 0b7d95a..acd7716 100644
--- a/shell/sshd_config
+++ b/shell/sshd_config
@@ -26,13 +26,11 @@ Port 22
 Protocol 2
 
 # Stronger algorithms. See ssh_config for details.
-KexAlgorithms diffie-hellman-group-exchange-sha256
+KexAlgorithms diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512
 Ciphers aes256-ctr
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
-
-# Use privilege separation for increased security. "sandbox" applies
-# additional restrictions on the unprivileged process.
-UsePrivilegeSeparation sandbox
+MACs hmac-sha2-512-etm@openssh.com
+HostKeyAlgorithms rsa-sha2-512
+PubkeyAcceptedKeyTypes -ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
 
 # Don't use PAM because it may circumvent other authentication methods used
 # below (default).