sshd_config: Use stronger algorithms.

author Simon Ruderich <simon@ruderich.org>

Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)

committer Simon Ruderich <simon@ruderich.org>

Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)
author Simon Ruderich <simon@ruderich.org>
Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)
committer Simon Ruderich <simon@ruderich.org>
Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)
diff --git a/sshd_config b/sshd_config

index dbb774eb7151bf57580af68076a1764488be0bbf..47d857762fd8fd647763a2f2f38615279c872b78 100644 (file)
--- a/sshd_config
+++ b/sshd_config
@@ -25,6 +25,11 @@ Port 22
  # Only use protocol 2. Protocol 1 is insecure. (default)
  Protocol 2
  
+# Stronger algorithms. See ssh_config for details.
+KexAlgorithms diffie-hellman-group-exchange-sha256
+Ciphers aes256-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
+
  # Use privilege separation for increased security. "sandbox" applies
  # additional restrictions on the unprivileged process.
  UsePrivilegeSeparation sandbox
author	Simon Ruderich <simon@ruderich.org>
	Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)
committer	Simon Ruderich <simon@ruderich.org>
	Mon, 6 Jan 2014 13:39:15 +0000 (14:39 +0100)