diff options
author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2023-07-12 20:41:45 +0100 |
---|---|---|
committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2023-07-12 20:45:49 +0100 |
commit | a97af5bd865a5ef4aa3c242978bc5fdff644c9ce (patch) | |
tree | 02db614868e8c6013bc5fd653f61efcc13b70442 | |
parent | profiles/common: enable USE=gdbm for mail-mta/exim (diff) | |
download | portage-a97af5bd865a5ef4aa3c242978bc5fdff644c9ce.tar.xz |
factory-default/net-misc/openssh: enable ServerAliveInterval instead of
TCPKeepAlive
-rw-r--r-- | factory-default/net-misc/openssh/etc/ssh/ssh_config | 11 | ||||
-rw-r--r-- | factory-default/net-misc/openssh/etc/ssh/sshd_config | 5 |
2 files changed, 11 insertions, 5 deletions
diff --git a/factory-default/net-misc/openssh/etc/ssh/ssh_config b/factory-default/net-misc/openssh/etc/ssh/ssh_config index f4fa561f..bea2d57d 100644 --- a/factory-default/net-misc/openssh/etc/ssh/ssh_config +++ b/factory-default/net-misc/openssh/etc/ssh/ssh_config @@ -29,10 +29,10 @@ Host * # Ciphers allowed and their order of preference Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com - # Available KEX (Key Exchange) algorithms + # KEX (Key Exchange) algorithms KexAlgorithms curve25519-sha256@libssh.org - # MAC (message authentication code) algorithms in order of preference + # MAC (message authentication code) algorithms MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com # Key types used for public key authentication @@ -61,3 +61,10 @@ Host * # Specifies revoked host public keys RevokedHostKeys /etc/ssh/ssh_revoked_hosts + + # Do not send TCP keepalive messages to the other side + TCPKeepAlive no + + # Interval in seconds after which, send a message through the encrypted + # channel to request a response from the server + ServerAliveInterval 15 diff --git a/factory-default/net-misc/openssh/etc/ssh/sshd_config b/factory-default/net-misc/openssh/etc/ssh/sshd_config index ba67af42..979756a4 100644 --- a/factory-default/net-misc/openssh/etc/ssh/sshd_config +++ b/factory-default/net-misc/openssh/etc/ssh/sshd_config @@ -76,8 +76,8 @@ X11Forwarding no # ~/.ssh/authorized_keys PermitUserEnvironment no -# Send TCP keepalive messages to the other side -TCPKeepAlive yes +# Do not send TCP keepalive messages to the other side +TCPKeepAlive no # Maximum number of authentication attempts permitted per connection MaxAuthTries 3 @@ -89,7 +89,6 @@ MaxSessions 2 # Send a message through the encrypted channel to request a response # from the client ClientAliveInterval 15 -ClientAliveCountMax 2 # Disable compression after the user has authenticated successfully Compression no |