mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-23 01:21:07 +01:00
Updated OPNsense 20.1.2 and newer (markdown)
parent
f059382b72
commit
65f17f64da
@ -61,4 +61,4 @@ A good starting point is to select the following options for maximum compatibili
|
||||
- MACs: `hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com`
|
||||
- HostKeyAlgorithms: `ssh-ed25519,ssh-ed25519-cert-v01@openssh.com`
|
||||
|
||||
The ordering of the above algorithms represent the best-choice-first mentality, so if you select only the `*25519*` options for KEX and HostKey, and the first ones for the others, it's the best trade-off between speed and security. Otherwise, choose your own preferred algorithms depending on your use case or threat model.
|
||||
The ordering of the above algorithms represent the best-choice-first mentality, so if you select only the `*25519*` options for KEX and HostKey, and the first ones for the others, it's the best trade-off between speed and security while forcing the SSH client to only use these. Otherwise, choose your own preferred algorithms depending on your use case or threat model.
|
Loading…
Reference in New Issue
Block a user