Thought This Was Cool (+OpenSSH Config)

September 11, 2013February 27, 2021 fossjon

Daily NSA Edit: http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

To choose a specific set of ciphers, hashes, and key exchanges for your OpenSSH server:

rm -fv *ec*key*

sshd_config

# Strongest
HostKey        /usr/local/etc/ssh_host_rsa_key
KexAlgorithms  diffie-hellman-group-exchange-sha256
Ciphers        aes256-cbc,aes256-ctr
MACs           hmac-sha2-512,hmac-sha2-256

# Tunneling
TCPKeepAlive     yes
PermitRootLogin  yes
PermitTunnel     point-to-point

3 thoughts on “Thought This Was Cool (+OpenSSH Config)”

Finally Able To Run My Own WPA2-AES EAP-TTLS FreeRadius Server (RasPi) | Jon's FOSS Blog says:

[…] Edit: For some basic OpenSSH cipher choices: Ignore the randomness […]

December 31, 2013 at 12:57 Reply
Quick Blog Summary | Jon's FOSS Blog says:

[…] OpenSSH Config […]

January 3, 2014 at 12:46 Reply
Quick Blog Summary | Jon's FOSS Blog says:

[…] OpenSSH Config [ Small Firewall ] [ SSH Tunnel ] […]

January 4, 2014 at 13:58 Reply

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

Share this:

Like this:

Related

3 thoughts on “Thought This Was Cool (+OpenSSH Config)”

Leave a Reply Cancel reply