# Only use protocol 2. Protocol 1 is insecure. (default)
Protocol 2
+# Stronger algorithms. See ssh_config for details.
+KexAlgorithms diffie-hellman-group-exchange-sha256
+Ciphers aes256-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
+
# Use privilege separation for increased security. "sandbox" applies
# additional restrictions on the unprivileged process.
UsePrivilegeSeparation sandbox
# Allow more sessions per network connection (e.g. from ControlMaster/-M).
# When not enough sessions are available this message is sent by ssh:
# "mux_client_request_session: session request failed: Session open refused by
-# peer". Not necessary on all servers.
-#MaxSessions 30
+# peer".
+MaxSessions 30
# Don't accept any environment variables from the client (default).
AcceptEnv