Commit Graph

11 Commits

Author SHA1 Message Date
Daniel Micay
84ca6bfa27 sshd: sntrup761x25519-sha512@openssh.com kex only 2022-07-22 19:55:59 -04:00
Daniel Micay
d7c23eac02 disable unused AES-GCM cipher suites 2022-07-22 19:11:28 -04:00
Daniel Micay
1a195570c8 sshd: disable unused agent forwarding feature
This is a misguided feature and while this doesn't meaningfully reduce
attack surface, it makes sense not to enable it.
2022-07-11 19:57:42 -04:00
Daniel Micay
f1005cf339 user-based whitelist for ssh access 2021-11-27 20:33:48 -05:00
Daniel Micay
87db85274a sshd: raise MaxStartups to 4096 2021-09-06 02:42:22 -04:00
Daniel Micay
c315170cd6 sshd: reduce MaxAuthTries to 2 2021-09-06 02:38:16 -04:00
Daniel Micay
f56f094c97 sshd: limit per-source max startups to 1 2021-09-06 02:38:08 -04:00
Daniel Micay
43681fa913 sshd: reduce LoginGraceTime to 15s 2021-09-06 02:38:06 -04:00
Daniel Micay
613251176d explicitly disable all standalone MACs (AEAD only) 2021-08-23 09:23:16 -04:00
Daniel Micay
566a7e2ccb update to OpenSSH 8.7 2021-08-23 02:37:28 -04:00
Daniel Micay
d24d24926a add subset of shared configuration files 2021-07-28 08:23:04 -04:00