common: sshd: Disable weak key algorithms

dehydrated
Felix Stupp 5 years ago
parent 505c85eb11
commit c110a24e9f
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7

@ -113,6 +113,11 @@ AcceptEnv LANG LC_*
# override default of no subsystems
Subsystem sftp /usr/lib/openssh/sftp-server
# Disable weak key algorithms
HostKeyAlgorithms -ecdsa-sha2-nistp256
KexAlgorithms -diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
MACs -hmac-sha1,hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no

Loading…
Cancel
Save