This is based on supported algorithms under FreeBSD 13.2 RELEASE, reported by ssh -Q kex and ssh -Q key, and some pointers from the Ubuntu 22.02 LTS SSH hardening guide.
KexAlgorithms inserted sntrup761x25519-sha512@openssh.com as primary.
HostKeyAlgorithms added sk-ssh-ed25519@openssh.com and sk-ssh-ed25519-cert-v01@openssh.com.
Successfully tested host of FreeBSD 13.2 RELEASE (Arch client). I submit this for scrutiny by those with undoubtedly better knowledge of the algorithms than I.
This is based on supported algorithms under FreeBSD 13.2 RELEASE, reported by
ssh -Q kexandssh -Q key, and some pointers from the Ubuntu 22.02 LTS SSH hardening guide.sntrup761x25519-sha512@openssh.comas primary.sk-ssh-ed25519@openssh.comandsk-ssh-ed25519-cert-v01@openssh.com.rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com.Successfully tested host of FreeBSD 13.2 RELEASE (Arch client). I submit this for scrutiny by those with undoubtedly better knowledge of the algorithms than I.