ssh ciphers, key-exchanges, and macs

master
Marek Isalski 4 years ago
parent 2010802ef5
commit 5754e0209f

@ -1444,9 +1444,23 @@ service {
} }
ssh { ssh {
listen-address {{ pillar['service']['ssh']['listen-address'] }} listen-address {{ pillar['service']['ssh']['listen-address'] }}
ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr ciphers chacha20-poly1305@openssh.com
key-exchange curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 ciphers aes256-gcm@openssh.com
mac hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com ciphers aes128-gcm@openssh.com
ciphers aes256-ctr
ciphers aes192-ctr
ciphers aes128-ctr
key-exchange curve25519-sha256@libssh.org
key-exchange ecdh-sha2-nistp521
key-exchange ecdh-sha2-nistp384
key-exchange ecdh-sha2-nistp256
key-exchange diffie-hellman-group-exchange-sha256
mac hmac-sha2-512-etm@openssh.com
mac hmac-sha2-256-etm@openssh.com
mac umac-128-etm@openssh.com
mac hmac-sha2-512
mac hmac-sha2-256
mac umac-128@openssh.com
} }
} }

Loading…
Cancel
Save