![]() ![]() # RhostsRSAAuthentication and HostbasedAuthentication # Change to yes if you don't trust ~/.ssh/known_hosts for # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts # but this is overridden so installations will only check. KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256 HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss # Lifetime and size of ephemeral version 1 server key ![]() # The default requires explicit activation of protocol 1 # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER # If you want to change the port on a SELinux system, you have to tell # OpenSSH is to specify options with their default value where # The strategy used for options in the default sshd_config shipped with # This sshd was compiled with PATH=/usr/local/bin:/usr/bin # This is the sshd server system-wide configuration file. But everytime I rerun ssh -Q ciphers, the above list still shows. If I run ssh -Q cipher, this is the ssh]# ssh -Q I added the line for Ciphers line to sshd_config to specify the ciphers to use and restarted using systemctl restart sshd. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |