ssh: only allow strong KexAlgorithms

The defaults include "diffie-hellman-group-exchange-sha256" which has incorrect fallback behaviour which reduces its strength and is flagged as warning by ssh-audit 3.0. This adds "diffie-hellman-group16-sha512" and "diffie-hellman-group18-sha512" which are recommended by ssh-audit 3.0. PL-131620
flyingcircusio · Jul 12, 2023 · a64c156 · a64c156
1 parent f726813
commit a64c156
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/nixos/platform/default.nix b/nixos/platform/default.nix
@@ -327,6 +327,13 @@ in {
       openssh.settings = {
         KbdInteractiveAuthentication = false;
         PasswordAuthentication = false;
+        KexAlgorithms = [
+          "sntrup761x25519-sha512@openssh.com"
+          "curve25519-sha256"
+          "curve25519-sha256@libssh.org"
+          "diffie-hellman-group16-sha512"
+          "diffie-hellman-group18-sha512"
+        ];
       };
 
       telegraf.enable = mkDefault true;