eac77ef7b4
Collection of operational skills for VaultMesh infrastructure including: - backup-sovereign: Backup and recovery operations - btc-anchor: Bitcoin anchoring - cloudflare-tunnel-manager: Cloudflare tunnel management - container-registry: Container registry operations - disaster-recovery: Disaster recovery procedures - dns-sovereign: DNS management - eth-anchor: Ethereum anchoring - gitea-bootstrap: Gitea setup and configuration - hetzner-bootstrap: Hetzner server provisioning - merkle-forest: Merkle tree operations - node-hardening: Node security hardening - operator-bootstrap: Operator initialization - proof-verifier: Cryptographic proof verification - rfc3161-anchor: RFC3161 timestamping - secrets-vault: Secrets management 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
3.5 KiB
3.5 KiB
SSH Cipher Recommendations
Overview
This document explains the SSH cipher, MAC, and key exchange algorithm choices used in the node-hardening skill's sshd_config template.
Current Recommendations (2024)
Ciphers (Encryption)
| Cipher | Recommendation | Notes |
|---|---|---|
| chacha20-poly1305@openssh.com | Recommended | Modern, fast, constant-time |
| aes256-gcm@openssh.com | Recommended | Strong, hardware-accelerated |
| aes128-gcm@openssh.com | Acceptable | Fast, hardware-accelerated |
| aes256-ctr | Acceptable | Legacy compatibility |
| aes128-ctr | Acceptable | Legacy compatibility |
| 3des-cbc | Avoid | Deprecated, slow |
| arcfour | Avoid | Broken |
MACs (Message Authentication)
| MAC | Recommendation | Notes |
|---|---|---|
| hmac-sha2-512-etm@openssh.com | Recommended | Encrypt-then-MAC, strongest |
| hmac-sha2-256-etm@openssh.com | Recommended | Encrypt-then-MAC |
| umac-128-etm@openssh.com | Acceptable | Fast, Encrypt-then-MAC |
| hmac-sha2-512 | Acceptable | No ETM |
| hmac-sha2-256 | Acceptable | No ETM |
| hmac-sha1 | Avoid | Deprecated |
| hmac-md5 | Avoid | Broken |
Key Exchange (KEX)
| KEX Algorithm | Recommendation | Notes |
|---|---|---|
| curve25519-sha256 | Recommended | Modern, safe curve |
| curve25519-sha256@libssh.org | Recommended | Same, legacy name |
| diffie-hellman-group16-sha512 | Acceptable | 4096-bit DH |
| diffie-hellman-group18-sha512 | Acceptable | 8192-bit DH |
| diffie-hellman-group14-sha256 | Acceptable | 2048-bit DH |
| diffie-hellman-group1-sha1 | Avoid | Weak, deprecated |
| diffie-hellman-group-exchange-sha1 | Avoid | SHA1 deprecated |
Host Key Algorithms
| Algorithm | Recommendation | Notes |
|---|---|---|
| ssh-ed25519 | Recommended | Modern, compact |
| rsa-sha2-512 | Recommended | RSA with SHA2 |
| rsa-sha2-256 | Recommended | RSA with SHA2 |
| ecdsa-sha2-nistp256 | Acceptable | NIST curve concerns |
| ssh-rsa | Avoid | SHA1 deprecated |
| ssh-dss | Avoid | Weak |
Template Configuration
The sshd_config template uses:
# Strong ciphers only
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
# Encrypt-then-MAC only
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
# Modern key exchange
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
# Preferred host key algorithms
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
Compatibility Notes
Minimum Client Versions
These settings require:
- OpenSSH 7.3+ (released 2016)
- PuTTY 0.68+ (released 2017)
Legacy Client Support
If you need to support older clients, add fallback options:
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256
KexAlgorithms curve25519-sha256,diffie-hellman-group16-sha512
Testing Configuration
After applying changes, test with:
# Check server offerings
ssh -Q cipher
ssh -Q mac
ssh -Q kex
# Test connection with verbose output
ssh -vvv user@server
# Audit with ssh-audit (recommended)
pip install ssh-audit
ssh-audit localhost