It’s good practice to harden our ssh client with some secure “defaults”.
Starting your configuration file with the following directives will
apply the directives to all (
(These are listed as multiple
Host * stanzas, but they can be
combined into a single stanza in your actual configuration file.)
If you prefer, follow along with an example of a complete ``~/.ssh/config` file <link://listing/secure-openssh-defaults/ssh_config>`__.
Require secure algorithms
OpenSSH supports many encryption and authentication algorithms, but some of those algorithms are known to be weak to cryptographic attack. The Mozilla project publishes a list of recommended algorithms that exclude algorithms that are known to be insecure.
Host * HostKeyAlgorithms firstname.lastname@example.org,email@example.com,ssh-ed25519,ssh-rsa,firstname.lastname@example.org,email@example.com,firstname.lastname@example.org,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 Ciphers email@example.com,firstname.lastname@example.org,email@example.com,aes256-ctr,aes192-ctr,aes128-ctr MACs firstname.lastname@example.org,email@example.com,firstname.lastname@example.org,hmac-sha2-512,hmac-sha2-256,email@example.com KexAlgorithms firstname.lastname@example.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1
(More information on the the available encryption and authentication algorithms, and how a recommended set is derived, is available in this fantastic blog post, “Secure secure shell.”)
Every time you connect to an SSH server, your client caches a copy of
the remote server’s host key in a
~/.ssh/known_hosts file. If your
ssh client is ever compromised, this list can expose the remote servers
to attack using your compromised credentials. Be a good citizen and hash
your known hosts file.
Host * HashKnownHosts yes
(Hash any existing entries in your
~/.ssh/known_hosts file by
ssh-keygen -H. Don’t forget to remove the backup
$ ssh-keygen -H $ rm -i ~/.ssh/known_hosts.old
Host * UseRoaming no
Dealing with insecure servers
Some servers are old enough that they may not support the newer, more
secure algorithms listed. In the RC environment, for example, the login
and other Internet-accessible systems provide relatively modern ssh
algorithms; but the host in the
rc.int.colorado.edu domain may not.
To support connection to older hosts while requiring newer algorithms by default, override these settings earlier in the configuration file.
# Internal RC hosts are running an old version of OpenSSH Match host=*.rc.int.colorado.edu MACs hmac-sha1,email@example.com,hmac-ripemd160,firstname.lastname@example.org,hmac-sha1-96