1 # DOC: https://stribika.github.io/2015/01/04/secure-secure-shell.html
3 AuthorizedKeysFile %h/.ssh/authorized_keys
4 ChallengeResponseAuthentication no
5 Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
9 GSSAPIAuthentication no
10 #HostKey /etc/ssh/ssh_host_ed25519_key
11 HostKey /etc/ssh/ssh_host_rsa_key
12 HostbasedAuthentication no
14 IgnoreUserKnownHosts no
15 KerberosAuthentication no
16 KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
17 KeyRegenerationInterval 3600
18 ListenAddress 0.0.0.0:22
21 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com
23 PasswordAuthentication no
24 PermitEmptyPasswords no
29 PubkeyAuthentication yes
31 RhostsRSAAuthentication no
37 UsePrivilegeSeparation yes
41 Subsystem sftp internal-sftp
45 ForceCommand internal-sftp