> In fact, I'd restrict allowed SSH algorithms like this:
>
> Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com
> MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
> KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

Of course, if you do that, you'll want to make sure to revisit these lists every couple of years :-(

Stefan
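
A static check that can be rerun whenever the lists are revisited, as an added example that is not part of the original message: it compares an sshd_config against the three lists quoted above. The function names and the sample configuration are constructed for illustration; the allowlist values are the ones from the message.

```python
import re

# Reviewed lists, copied from the quoted message. Update them at each review.
REVIEWED = {
    "ciphers": ["chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com"],
    "macs": ["hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com",
             "umac-128-etm@openssh.com"],
    "kexalgorithms": ["curve25519-sha256@libssh.org",
                      "diffie-hellman-group-exchange-sha256"],
}

# Constructed sample configuration, not taken from a real host.
SAMPLE = """\
# sshd_config (constructed)
Port 22
ciphers chacha20-poly1305@openssh.com,aes256-ctr
MACs=hmac-sha2-512-etm@openssh.com
Ciphers aes256-gcm@openssh.com
"""

def parse_algorithm_lists(config_text):
    """Return {keyword: value} for the audited keywords."""
    found = {}
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace and/or '='.
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2 or not parts[1]:
            continue
        key = parts[0].lower()          # keywords are case-insensitive
        if key in REVIEWED and key not in found:
            found[key] = parts[1].strip()   # sshd uses the first value it sees
    return found

def audit(config_text, reviewed=REVIEWED):
    """Return (keyword, problem, detail) tuples; an empty list means no drift."""
    findings, found = [], parse_algorithm_lists(config_text)
    for key, allowed in reviewed.items():
        value = found.get(key)
        if value is None:
            findings.append((key, "unset", "build defaults apply"))
        elif value[0] in "+-^":
            # Relative to the build's default set, so not checkable statically.
            findings.append((key, "relative", value))
        else:
            for alg in value.split(","):
                if alg.strip() not in allowed:
                    findings.append((key, "unreviewed", alg.strip()))
    return findings
```

Calling `audit(SAMPLE)` reports the stray `aes256-ctr` (the second `Ciphers` line is ignored because the first occurrence wins) and the missing `KexAlgorithms` line.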