Difference between revisions of "Sshd"
Jump to navigation
Jump to search
| Line 24: | Line 24: | ||
``` | ``` | ||
sudo nmap -sV --script ssh2-enum-algos ssh.example.org -p 22 | sudo nmap -sV --script ssh2-enum-algos ssh.example.org -p 22 | ||
| + | ``` | ||
| + | |||
| + | Dockerfile run in foreground | ||
| + | ``` | ||
| + | EXPOSE 22 | ||
| + | CMD ["/usr/sbin/sshd", "-D"] | ||
| + | |||
``` | ``` | ||
Revision as of 22:51, 17 October 2023
Secure with specific ciphers
~]$ sudo sshd -T | grep ^macs macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512 ~]$ sudo sshd -T | grep ^kexa kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
/etc/ssh/sshd_config
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512 macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
sudo systemctl restart sshd
Check via ssh scan
which is probably this parsed and prettied
sudo nmap -sV --script ssh2-enum-algos ssh.example.org -p 22
Dockerfile run in foreground
EXPOSE 22 CMD ["/usr/sbin/sshd", "-D"]