Ubuntu
openssh package

new sshd standard configuration according to actual threads?

Asked by camikusch

As described here:
> https://stribika.github.io/2015/01/04/secure-secure-shell.html
several key exchange algorithms and symmetric ciphers seem ("seem" as im not a cryptography expert in any way) unsave.

Will new sshd-server packages contain a modified configuration which respect that?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu openssh Edit question
Assignee:
No assignee Edit question
Solved by:
actionparsnip
Solved:
Last query:
Last reply:
Revision history for this message
Best actionparsnip (andrew-woodhead666) said : 		#1

You can report a bug to possibly implement this

Revision history for this message
camikusch (camikusch) said : 		#2

@actionparsnip looked up bug reports and feature requests.
it seems security enhancements to the sshd configuration are ignored to keep protocol compatibility with old (not updated) ssh-clients.

so if i want (NSA et al)-secure communication i have to change the configuration myself and deploy that to my boxes :/

Revision history for this message
camikusch (camikusch) said : 		#3

Thanks actionparsnip, that solved my question.

Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#4

The communication end to end from client to server is secured. If you use SSH keys then it will help secure your connection.