fix(ssh): respect per-host configuration

This commit is contained in:
George Rawlinson 2019-05-30 20:05:18 +12:00
parent feb350131f
commit f3d265be06
Signed by: grawlinson
GPG key ID: E0959FEA8B550539

View file

@ -1,6 +1,10 @@
# Ensure KnownHosts are unreadable if leaked - it is otherwise easier to know which hosts your keys have access to.
# Ensure KnownHosts are unreadable if leaked - it is otherwise easier to know
# which hosts your keys have access to
HashKnownHosts yes
# Load host-specific parameters before general parameters below
Include ~/.ssh/config.d/*
# Host keys the client accepts - order here is honored by OpenSSH
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
@ -8,4 +12,3 @@ KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp256
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
Include ~/.ssh/config.d/*