Bug#774711: recommendations for changing openssh defaults

[Matt Taggart <taggart@debian.org>]

Jens Thiele writes:
> Hi,
> 
> thanks for your great work

I should make it clear, I was only applying the advice I found in

  https://stribika.github.io/2015/01/04/secure-secure-shell.html

to what versions exist in Debian, stribika and others get credit for that 
work.

Also I realized I had some mistakes in my charts/recommendations:

* I forgot to fill in the Kex stretch column (but it's the same as sid)
* I said "aes*-gcm: since squeeze" but it's only existed since jessie
* I said to keep aes*-cbc, but the above page doesn't list them in the
  recommended Ciphers list (I guess they aren't AE?), so drop them.

So for current openssh communicating with squeeze, that leaves only

Ciphers aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160

in common but it will still work. I haven't looked at lenny.

> > * diffie-hellman-group-exchange-sha256: has existed since squeeze at least
> 
> Afair I have seen small default primes with this one. Did you inspect this?

I didn't.

-- 
Matt Taggart
taggart@debian.org