Skip to content

Commit add303f

Browse files
schurzischurzi
authored
Merge pull request #437 from BenjaminBoehm/bugfix/ssh-kex-sntrup-openssh8.5
Fix ssh kex [email protected] for openssh >= 8.5
2 parents 03a0f26 + 29ee683 commit add303f

File tree

2 files changed

+10
-0
lines changed

2 files changed

+10
-0
lines changed

roles/ssh_hardening/tasks/crypto_kex.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,3 +13,8 @@
1313
set_fact:
1414
ssh_kex: '{{ ssh_kex_80_default }}'
1515
when: sshd_version is version('8.0', '>=')
16+
17+
- name: Set kex according to openssh-version if openssh >= 8.5
18+
set_fact:
19+
ssh_kex: '{{ ssh_kex_85_default }}'
20+
when: sshd_version is version('8.5', '>=')

roles/ssh_hardening/vars/main.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,3 +50,8 @@ ssh_kex_80_default:
5050
- [email protected]
5151
- [email protected]
5252
- diffie-hellman-group-exchange-sha256
53+
54+
ssh_kex_85_default:
55+
- [email protected]
56+
- [email protected]
57+
- diffie-hellman-group-exchange-sha256

0 commit comments

Comments
 (0)