aboutsummaryrefslogtreecommitdiff
path: root/templates/sshd_config/CentOS_7.erb
AgeCommit message (Collapse)Author
2015-05-07Adjust variable lookup in templates to silence deprecation warnings, fixes #1Jerome Charaoui
2015-05-04Implement enhanced MAC (Message Authentication Codes) according toMicah Anderson
installed version of openssh and https://stribika.github.io/2015/01/04/secure-secure-shell.html
2015-05-04Implement enhanced symmetric cipher selection, based onMicah Anderson
https://stribika.github.io/2015/01/04/secure-secure-shell.html and version of openssh installed
2015-05-04Implement KexAlgorithms settings, based on Key exchange section ofMicah Anderson
https://stribika.github.io/2015/01/04/secure-secure-shell.html Note, that on some systems it is uncertain if they will have a new enough version of openssh installed, so on those a version test is done to see before setting them.
2015-05-04Change 'hardened_ssl' paramter to simply 'hardened', this makes moreMicah Anderson
sense in general
2014-11-21Add a $hostkey_type variable that allows you to set which hostkeyMicah Anderson
types you want to support in your sshd_config. We use the ssh_version fact to determine the default hostkey types. Only enable rsa and ed25519 for ssh versions greater or equal to 6.5, otherwise enable rsa and dsa. Some distributions, such as debian, also enable ecdsa as a hostkey type, but this is a known bad NIST curve, so we do not enable that by default (thus deviating from the stock sshd config)
2014-08-15move to os release number on centos for selectionmh
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 01:44:55 +0000