[1/3] SSH client configuration: Use Protocol version 2 only

Message ID 20180912175045.7636-1-peter.mueller@link38.eu
State Dropped
Headers show
Series [1/3] SSH client configuration: Use Protocol version 2 only | expand

Commit Message

Peter Müller Sept. 13, 2018, 3:50 a.m. UTC
SSH Protocol version 1 is insecure and must not be used anymore.
Restrict SSH client configuration to ensure only version 2 is used.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
 config/ssh/ssh_config | 3 +++
 1 file changed, 3 insertions(+)

Patch

diff --git a/config/ssh/ssh_config b/config/ssh/ssh_config
index 2abfae6d1..b36909f85 100644
--- a/config/ssh/ssh_config
+++ b/config/ssh/ssh_config
@@ -5,6 +5,9 @@  Host *
         # disable Roaming as it is known to be vulnerable
         UseRoaming no
 
+	# only use version 2 of SSH protocol
+	Protocol 2
+
         # only use secure crypto algorithm
         KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
         Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr