[arch-general] SSH security

Thomas Bächler thomas at archlinux.org
Tue Jan 6 21:06:09 UTC 2015


Am 06.01.2015 um 14:29 schrieb Ido Rosen:
> Just wondering, how do Arch devs feel about implementing these
> recommendations by default in Arch's openssh package?  Or would this be
> something worthy of an AUR package?
> 
> https://stribika.github.io/2015/01/04/secure-secure-shell.html
> 
> Especially interested in the moduli, KexAlgorithms, and Cipher selection
> config changes.

I guess this would be a great topic for the Arch wiki. The latest
OpenSSH version supports all these fine things (like ed25519 ecdh).

If you want to improve things globally, try to talk to the OpenSSH
developers about their defaults.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20150106/8939202b/attachment.bin>


More information about the arch-general mailing list