Security-first SSH configurations.
| ssh | Remove comment | |
| sshd | Initial commit | |
| README.md | Document auditing | |
ssh-confs
Security-first SSH configurations.
Yes, this will probably break compatibility.
Tested using ssh-audit v3.3.0.
Testing
Below are instructions for testing the configurations.
Under general, key exchange algorithms, host-key algorithms, encryption algorithms,
and message authentication code algorithms you should only see green/info messages.
If you see yellow/red (warn/fail) messages, either these configurations are outdated or you have installed them incorrectly.
Prerequisites
Testing a server
ssh-audit <host> [-p <port>]
Testing a client
# Run a local server to audit the client
ssh-audit -c
# Connect to the server to audit the client configuration
# ssh-audit binds to port 2222 by default
ssh 127.0.0.1 -p 2222