new sshd standard configuration according to actual threads?

Asked by camikusch on 2015-01-31

As described here:
> https://stribika.github.io/2015/01/04/secure-secure-shell.html
several key exchange algorithms and symmetric ciphers seem ("seem" as im not a cryptography expert in any way) unsave.

Will new sshd-server packages contain a modified configuration which respect that?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu openssh Edit question
Assignee:
No assignee Edit question
Solved by:
actionparsnip
Solved:
2015-01-31
Last query:
2015-01-31
Last reply:
2015-01-31

You can report a bug to possibly implement this

camikusch (camikusch) said : #2

@actionparsnip looked up bug reports and feature requests.
it seems security enhancements to the sshd configuration are ignored to keep protocol compatibility with old (not updated) ssh-clients.

so if i want (NSA et al)-secure communication i have to change the configuration myself and deploy that to my boxes :/

camikusch (camikusch) said : #3

Thanks actionparsnip, that solved my question.

The communication end to end from client to server is secured. If you use SSH keys then it will help secure your connection.