From owner-freebsd-security@FreeBSD.ORG Mon Jan 12 23:05:45 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 04EF2AD7 for ; Mon, 12 Jan 2015 23:05:45 +0000 (UTC) Received: from mail.koukaam.se (mail.koukaam.se [193.86.201.130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail.koukaam.se", Issuer "KOUKAAM Certificate Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 78FC3C4F for ; Mon, 12 Jan 2015 23:05:44 +0000 (UTC) Received: from [192.168.1.38] (unassigned-84-246-166-118.ujezd.net [84.246.166.118]) (authenticated bits=0) by mail.koukaam.se (8.14.5/8.14.5) with ESMTP id t0CMsRM5044069 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 12 Jan 2015 23:54:32 +0100 (CET) (envelope-from knezour@weboutsourcing.cz) Message-ID: <54B45084.102@weboutsourcing.cz> Date: Mon, 12 Jan 2015 23:53:56 +0100 From: Ondra Knezour User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: Greg Rivers , freebsd-security@freebsd.org Subject: Re: Securing SSH References: In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jan 2015 23:05:45 -0000 Dne 12.1.2015 v 2:22 Greg Rivers napsal(a): > I came across an interesting article about more secure SSH > configurations. > [...] You may also want to consult The applied crypto hardening book draft at https://bettercrypto.org/ if you are looking for some "instant" security inspiration. -- Regards Ondra Knezour