Re: auth log full with
Hi.
On Sun, Aug 14, 2022 at 09:16:25AM -0400, Stefan Monnier wrote:
> > In fact, I'd restrict allowed SSH algorithms like this:
> >
> > Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com
> > MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
> > KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
>
> Of course, if you do that, you'll want to make sure to revisit these
> lists every couple of years :-(
That goes without saying. Executing 'ssh -Q chiper' now and then is a
good habit to have.
Reco
Reply to: