From 0bad75788d91f1fb5d7ca7efad9e177c20011b4d Mon Sep 17 00:00:00 2001
From: Alan Orth <alan.orth@gmail.com>
Date: Sat, 24 Jul 2021 22:28:59 +0300
Subject: [PATCH] roles/common: Add encryption settings to Debian 11
 sshd_config

Mostly based on the ssh-audit policy for OpenSSH 8.4, but with any
algorithms using less than 256 bits removed. NSA's Suite B removed
these long ago, and the new CNSA suite only uses 256 and up.

See: https://github.com/jtesta/ssh-audit/blob/master/src/ssh_audit/policy.py
See: https://en.wikipedia.org/wiki/Commercial_National_Security_Algorithm_Suite
---
 roles/common/templates/sshd_config_Debian-11.j2 | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/roles/common/templates/sshd_config_Debian-11.j2 b/roles/common/templates/sshd_config_Debian-11.j2
index 995ddc7..aef9d93 100644
--- a/roles/common/templates/sshd_config_Debian-11.j2
+++ b/roles/common/templates/sshd_config_Debian-11.j2
@@ -122,6 +122,17 @@ Subsystem	sftp	/usr/lib/openssh/sftp-server
 #	AllowTcpForwarding no
 #	PermitTTY no
 #	ForceCommand cvs server
+ 
+# Based on the ssh-audit profile for OpenSSH 8.4, but with but with all algos
+# with less than 256 bits removed, as NSA's Suite B removed them years ago and
+# the new (2018) CNSA suite is 256 bits and up.
+#
+# See: https://github.com/jtesta/ssh-audit/blob/master/src/ssh_audit/policy.py
+# See: https://en.wikipedia.org/wiki/Commercial_National_Security_Algorithm_Suite
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
+KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
 
 # only allow shell access by provisioning user
 AllowUsers {{ provisioning_user.name }}