sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
strongswan/testing/hosts/default/etc/ssh/sshd_config
Tobias Brunner ab13c1c808 testing: Configure curve25519-sha256 as key exchange for SSH 
With Debian bookworm, the PQC KE sntrup761x25519-sha512 is negotiated, by
default.  This increases the overhead significantly, in particular, the
size of the KE message, which wouldn't get through IPsec tunnels without
MSS clamping.
2023-07-13 10:48:53 +02:00

16 lines
324 B
Plaintext
Raw Blame History

Port 22
Protocol 2
Ciphers aes128-gcm@openssh.com
KexAlgorithms curve25519-sha256
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
PermitRootLogin yes
StrictModes no
PubkeyAuthentication no
PermitEmptyPasswords yes
PrintMotd no
PrintLastLog no
UsePAM no
AcceptEnv LANG LC_*
AcceptEnv LEAK_DETECTIVE_LOG
Reference in New Issue View Git Blame Copy Permalink