coreos-base/misc-files: Drop Ciphers, MACs, KexAlgorithms from sshd conf

chewi · chewi · commit fdab8b4d3593 · 2026-01-06T11:55:15.000Z
Setting an absolute list was preventing newer options from being enabled, leading to this scary error message from newer clients. $ ssh flatcar Warning: Permanently added '[127.0.0.1]:2222' (ED25519) to the list of known hosts. ** WARNING: connection is not using a post-quantum key exchange algorithm. ** This session may be vulnerable to "store now, decrypt later" attacks. ** The server may need to be upgraded. See https://openssh.com/pq.html Last login: Wed Oct 15 10:05:46 UTC 2025 from 10.0.2.2 on pts/0 Flatcar Container Linux by Kinvolk beta 4426.1.0 for QEMU After going through each of the options, the only ones we were adding above the current 10.2p1 defaults were the diffie-hellman-group KEX algorithms. These were dropped upstream in 2024 because they are slower while providing no benefit over other options. The continued presence of ecdh-sha2-nistp256 ensures compatibility with default clients at least as far back as 2016. I think we should just continue to follow the upstream defaults unless some significant client breakage is reported. They're usually quite forgiving. The order of these is significant, and our order did differ from upstream's slightly, but I trust their order over ours. Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
diff --git a/changelog/changes/2026-01-02-sshd-config.md b/changelog/changes/2026-01-02-sshd-config.md
@@ -0,0 +1 @@
+- Dropped Ciphers, MACs, and KexAlgorithms from the sshd configuration so that the OpenSSH upstream defaults are used. This introduces post-quantum key exchange algorithms for better security. ([Flatcar#1921](https://github.com/flatcar/Flatcar/issues/1921)). Users requiring legacy Ciphers, MACs, and/or KexAlgos can override / re-enable this by deploying a custom drop-in config  to `/etc/ssh/sshd_config.d/`.
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/misc-files/files/openssh/50-flatcar-sshd.conf b/sdk_container/src/third_party/coreos-overlay/coreos-base/misc-files/files/openssh/50-flatcar-sshd.conf
@@ -16,10 +16,6 @@ PrintLastLog no
 PrintMotd no
 # END SETTINGS KEPT FOR COMPATIBILITY
 
-Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
-MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,umac-128-etm@openssh.com,umac-128@openssh.com
-KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
-
 # Temporarily accept ssh-rsa algorithm for openssh >= 8.8,
 # until most ssh clients could deprecate ssh-rsa.
 HostkeyAlgorithms +ssh-rsa
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/misc-files/misc-files-0-r9.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/misc-files/misc-files-0-r9.ebuild

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+- Dropped Ciphers, MACs, and KexAlgorithms from the sshd configuration so that the OpenSSH upstream defaults are used. This introduces post-quantum key exchange algorithms for better security. ([Flatcar#1921](https://github.com/flatcar/Flatcar/issues/1921)). Users requiring legacy Ciphers, MACs, and/or KexAlgos can override / re-enable this by deploying a custom drop-in config to `/etc/ssh/sshd_config.d/`.