Open GigabyteProductions opened 9 years ago
There is already a hardened SSH server configuration file, but this new SSH client configuration file will make OpenSSH SSH client prefer stronger ciphers and MACs when the server in question doesn't enforce stronger ciphers and MACs.
Maybe this should also change the HostKeyAlgorithms setting?
HostKeyAlgorithms
https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Modern
Ah, I thought I was missing that somewhere, but for some reason, I was thinking that was an sshd_config setting.
There is already a hardened SSH server configuration file, but this new SSH client configuration file will make OpenSSH SSH client prefer stronger ciphers and MACs when the server in question doesn't enforce stronger ciphers and MACs.