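#Client-side OpenSSH settings (ssh_config syntax). Every algorithm list below
#starts with '-', which removes the matching names from the installed OpenSSH
#default list instead of replacing it, so the effective set depends on the
#OpenSSH version in use; check the result with `ssh -G <host>`.
#Trust a host key that matches an SSHFP record from DNS. This is only as
#strong as DNSSEC validation and the path to the validating resolver;
#fingerprints not reported as secure are handled as if set to "ask".
VerifyHostKeyDNS yes
#Remove every RSA, DSA/DSS and ECDSA key type (*sha* and *dsa* both match the
#ecdsa-sha2-* names); with current defaults this should leave only the
#Ed25519 family
HostbasedAcceptedAlgorithms -*rsa*,*sha*,*dsa*,*dss*
HostKeyAlgorithms -*rsa*,*sha*,*dsa*,*dss*
#Disable finite-field DH, NIST-curve ECDH, and GSS key exchanges; the
#curve25519-based methods in the default list stay enabled
#NOTE(review): gss-g* only matches names that begin with "gss-g"; on builds
#with GSSAPI key exchange, confirm no other gss-* method is left enabled
KexAlgorithms -diffie-hellman*,ecdh-sha2*,gss-g*
#Disable CBC ciphers, 128 and 192 bit ciphers, and chacha20-poly1305 (prevent
#Terrapin attack). Strict key exchange on both peers is the protocol-level
#mitigation; removing the cipher also covers peers that lack it.
#With current defaults this should leave aes256-ctr and aes256-gcm@openssh.com
Ciphers -*cbc*,*128-*,*192-*,*chacha20-poly1305*
#Disable all MD5, 64-bit, 96-bit and SHA1 MACs, plus umac-128@openssh.com and
#everything matching hmac-sha2-256* / hmac-sha2-512*
#Note: the MACs list is not used with GCM (AEAD) ciphers; it applies to
#aes256-ctr, which the Ciphers line above leaves enabled
#NOTE(review): the trailing '*' on hmac-sha2-256* and hmac-sha2-512* also
#matches their -etm@openssh.com variants, so with current defaults only
#umac-128-etm@openssh.com should remain; drop the '*' if the HMAC-SHA2 ETM
#variants are meant to stay
#NOTE(review): umac-128@openssh.com restores a token that the published copy
#had mangled into an e-mail placeholder; presumed from the "non-ETM MACs"
#wording, confirm against the original
MACs -*-md5*,*-64*,*-96*,*-sha1*,umac-128@openssh.com,hmac-sha2-256*,hmac-sha2-512*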