Revision as of 00:09, 7 January 2021

Secure with specific ciphers

~]$ sudo sshd -T | grep ^macs
macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
~]$ sudo sshd -T | grep ^kexa
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512

/etc/ssh/sshd_config

kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512

sudo systemctl restart sshd

Check via ssh scan

https://sshcheck.com/

which is probably this parsed and prettied

sudo nmap -sV --script ssh2-enum-algos ssh.example.org -p 22

Difference between revisions of "Sshd"

Revision as of 00:09, 7 January 2021

Secure with specific ciphers

Check via ssh scan

Navigation menu

Search