1. Forum
  2. Usenet
  3. LINUX.DEBIAN.SECURITY

  • Use ~/.ssh/config

    From Stephan =?ISO-8859-1?Q?Verb=FCcheln@21:1/5 to Chris Boot on Tue May 13 14:20:01 2025
    On Tue, 2025-05-13 at 11:39 +0100, Chris Boot wrote:
    I don't think that your software _should_ offer cipher selection
    options to override SSH defaults at all, instead just using the
    default options.

    I second this. This way, the secure defaults will evolve over time with
    future releases of OpenSSH and Debian.

    If necessary, I recommend to define non-default settings on a per-host
    basis in:

    ~/.ssh/config

    This is out of scope for rsync and Back in Time.

    Regards
    Stephan

    -----BEGIN PGP SIGNATURE-----

    iHUEABYKAB0WIQRB1rjSpCJd8a7h6mNgNUJZCjx8YgUCaCM27AAKCRBgNUJZCjx8 Yv7hAQDOFtWmFwhgdiANk+OQTQvAruLKyLeVOYTFwwuGFgAn5wD+OBjaznTDdeMy m86FSTYCuDQ2tUky5MvRq48Vf4l62Ac=
    =CbEJ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)