From dbec838a71e257d4b034c274b26b0f025b2042f4 Mon Sep 17 00:00:00 2001
From: Benjamin Hays <ben@benhays.org>
Date: Wed, 14 Aug 2024 11:32:43 -0400
Subject: [PATCH] Update SSH Configuration

---
 Ansible/openssh.yml | 2 +-
 Configs/sshd_config | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Ansible/openssh.yml b/Ansible/openssh.yml
index c80f2d7..bee9b34 100644
--- a/Ansible/openssh.yml
+++ b/Ansible/openssh.yml
@@ -25,7 +25,7 @@
         path: "/home/bhays/.ssh/"
         owner: bhays
         group: bhays
-        mode: "0600"
+        mode: "0770"
         state: directory
     - name: Copy public key
       ansible.builtin.copy:
diff --git a/Configs/sshd_config b/Configs/sshd_config
index 025460a..9b976c6 100644
--- a/Configs/sshd_config
+++ b/Configs/sshd_config
@@ -6,13 +6,15 @@ HostKey /etc/ssh/ssh_host_ed25519_key
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
 
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,curve25519-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,sntrup761x25519-sha512@openssh.com
 Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
 HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
 
 LogLevel VERBOSE
 
+AuthenticationMethods publickey
+
 MaxAuthTries 5
 MaxSessions 8