# Modified from K4YT3X Hardened OpenSSH Configuration AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE AcceptEnv XMODIFIERS # disallow automatically setting environment variables through ~/.ssh/environment PermitUserEnvironment no # disallow ssh-agent forwarding to prevent lateral movement AllowAgentForwarding no AllowTcpForwarding yes AllowStreamLocalForwarding yes # overrides all other forwarding switches DisableForwarding yes # disallow remote hosts from connecting to forwarded ports # i.e. forwarded ports are forced to bind to 127.0.0.1 instead of 0.0.0.0 GatewayPorts no # prevent tun device forwarding PermitTunnel no # suppress MOTD PrintMotd no # disable X11 forwarding since it is not necessary X11Forwarding no ########## Authentication ########## AuthenticationMethods publickey PasswordAuthentication no UsePAM no # challenge-response authentication backend it not configured by default # therefore, it is set to "no" by default to avoid the use of an unconfigured backend ChallengeResponseAuthentication no # set maximum authentication retries to prevent brute force attacks MaxAuthTries 3 # disallow connecting using empty passwords PermitEmptyPasswords no PermitRootLogin no PubkeyAuthentication yes ########## Cryptography ########## # explicitly define cryptography algorithms to avoid the use of weak algorithms # AES-CTR and Chacha20-Poly1305 modes have been removed to mitigate the Terrapin attack # https://terrapin-attack.com/ Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com HostKeyAlgorithms rsa-sha2-512,rsa-sha2-256,ssh-ed25519 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com # only use host keys with secure HostKeyAlgorithms # omit the ECDSA key since it is only used in conjunction with the NIST P-curves HostKey /etc/ssh/ssh_host_ed25519_key #HostKey /etc/ssh/ssh_host_rsa_key # short moduli should be deactivated before enabling the use of diffie-hellman-group-exchange-sha256 # see this link for more details: https://github.com/k4yt3x/sshd_config#deactivating-short-diffie-hellman-moduli # AES-CTR and Chacha20-Poly1305 modes have been removed to mitigate the Terrapin attack # https://terrapin-attack.com/ # ecdh-sha2-nistp* algorithms have been removed due to concerns around NIST P-curves' design # https://github.com/jtesta/ssh-audit/issues/213#issuecomment-1774204745 KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512 ########## Connection Preferences ########## # Debian-based distributions only # hide the Debian banner to prevent information disclosure # (e.g., `SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3`) #DebianBanner no # number of client alive messages sent without client responding ClientAliveCountMax 2 # send a keepalive message to the client when the session has been idle for 300 seconds # this prevents/detects connection timeouts ClientAliveInterval 300 # compression before encryption might cause security issues Compression no # prevent SSH trust relationships from allowing lateral movements IgnoreRhosts yes # log verbosely for additional information #LogLevel VERBOSE # allow a maximum of two multiplexed sessions over a single TCP connection MaxSessions 2 # enforce SSH server to only use SSH protocol version 2 # SSHv1 contains security issues and should be avoided at all costs # SSHv1 is disabled by default after OpenSSH 7.0, but this option is # specified anyways to ensure this configuration file's compatibility # with older versions of OpenSSH server Protocol 2 # override default of no subsystems # path to the sftp-server binary depends on your distribution #Subsystem sftp /usr/lib/openssh/sftp-server #Subsystem sftp /usr/libexec/openssh/sftp-server Subsystem sftp internal-sftp # let ClientAliveInterval handle keepalive TCPKeepAlive no # disable reverse DNS lookups UseDNS no