Configurable SSH key exchange algorithm and MAC suite (#2806)

author: Cum Gun <cumgun@users.noreply.github.com> 2017-11-02 16:26:41 +0100
committer: Lunny Xiao <xiaolunwen@gmail.com> 2017-11-02 23:26:41 +0800
commit: eecaba20310483f64e0e4500fa3ac85e23ced18e (patch)
tree: 42a1525202072337feda5795596d27db9f89690d /conf
parent: d94e2a1c22ae18e8439aa4ebd49884c70095619b (diff)
download: gitea-eecaba20310483f64e0e4500fa3ac85e23ced18e.tar.gz
gitea-eecaba20310483f64e0e4500fa3ac85e23ced18e.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/conf/app.ini b/conf/app.ini
index 491f38164b..07c60ea0a9 100644
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -128,6 +128,12 @@ SSH_ROOT_PATH =
 ; For built-in SSH server only, choose the ciphers to support for SSH connections,
 ; for system SSH this setting has no effect
 SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+; For built-in SSH server only, choose the key exchange algorithms to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
+; For built-in SSH server only, choose the MACs to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
 ; Directory to create temporary files when test public key using ssh-keygen,
 ; default is system temporary directory.
 SSH_KEY_TEST_PATH =
author	Cum Gun <cumgun@users.noreply.github.com>	2017-11-02 16:26:41 +0100
committer	Lunny Xiao <xiaolunwen@gmail.com>	2017-11-02 23:26:41 +0800
commit	eecaba20310483f64e0e4500fa3ac85e23ced18e (patch)
tree	42a1525202072337feda5795596d27db9f89690d /conf
parent	d94e2a1c22ae18e8439aa4ebd49884c70095619b (diff)
download	gitea-eecaba20310483f64e0e4500fa3ac85e23ced18e.tar.gz gitea-eecaba20310483f64e0e4500fa3ac85e23ced18e.zip