SSH Hardening Guides

Below are guides to hardening SSH on various systems. Note that following them may not result in a perfect auditing score, as not all packaged SSH server versions support the required options. However, these instructions will result in the best possible score.

These guides were inspired by this document (which is now out-dated).

Server Guides:

  1. Ubuntu 20.04 LTS
  2. Ubuntu 18.04 LTS
  3. Ubuntu 16.04 LTS
  4. Ubuntu Core 18
  5. Ubuntu Core 16
  6. RedHat Enterprise Linux 8 / CentOS 8
  7. RedHat Enterprise Linux 7 / CentOS 7
  8. pfSense 2.4

Client Guides:

  1. Ubuntu 20.04 LTS / Linux Mint 20
  2. Ubuntu 18.04 LTS / Linux Mint 19
  3. Ubuntu 16.04 LTS / Linux Mint 18

Community-Developed Guides:

The following guides have been written by the community. They have not been officially tested, and are not officially supported:

  1. OPNsense 20.1.2 and newer

Instructions for submitting a hardening guide can be found here.

Legacy Guides:

  1. Ubuntu 14.04 LTS
  2. OpenBSD 6.2


Ubuntu 20.04 LTS Server Last modified: July 27, 2020

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Enable the RSA and ED25519 keys

    Enable the RSA and ED25519 HostKey directives in the /etc/ssh/sshd_config file:

    sed -i 's/^\#HostKey \/etc\/ssh\/ssh_host_\(rsa\|ed25519\)_key$/HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com" > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
  5. Restart OpenSSH server

    service ssh restart

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu 18.04 LTS Server Last modified: February 8, 2020

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Disable the DSA and ECDSA host keys

    Comment out the DSA and ECDSA HostKey directives in the /etc/ssh/sshd_config file:

    sed -i 's/^HostKey \/etc\/ssh\/ssh_host_\(dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com" >> /etc/ssh/sshd_config
  5. Restart OpenSSH server

    service ssh restart

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu 16.04 LTS Server Last modified: July 6, 2020

Note: all commands below are to be executed as the root user.

  1. Re-generate ED25519 key

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Disable the RSA, DSA, and ECDSA host keys

    Comment out the RSA, DSA and ECDSA HostKey directives in the /etc/ssh/sshd_config file:

    sed -i 's/^HostKey \/etc\/ssh\/ssh_host_\(rsa\|dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  5. Restart OpenSSH server

    service ssh restart

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu 14.04 LTS Server Last modified: October 17, 2017

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Disable the DSA and ECDSA host keys

    Comment out the DSA and ECDSA HostKey directives in the /etc/ssh/sshd_config file:

    sed -i 's/^HostKey \/etc\/ssh\/ssh_host_\(dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  5. Restart OpenSSH server

    service ssh restart

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu Core 18 Server Last modified: October 6, 2019

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    Note: It is highly recommended that you run the ssh-keygen commands below on another host. Some IoT devices do not have good entropy sources to generate sufficient keys with!

    ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N ""


    Be sure to upload the following 4 files to the target device's /etc/ssh directory:
    • ssh_host_ed25519_key
    • ssh_host_ed25519_key.pub
    • ssh_host_rsa_key
    • ssh_host_rsa_key.pub
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Only enable RSA and ED25519 host keys.\nHostKey /etc/ssh/ssh_host_rsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\n\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  4. Restart OpenSSH server

    service ssh reload

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu Core 16 Server Last modified: October 17, 2017

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    Note: It is highly recommended that you run the ssh-keygen commands below on another host. Some IoT devices do not have good entropy sources to generate sufficient keys with!

    ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N ""


    Be sure to upload the following 4 files to the target device's /etc/ssh directory:
    • ssh_host_ed25519_key
    • ssh_host_ed25519_key.pub
    • ssh_host_rsa_key
    • ssh_host_rsa_key.pub
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Restrict supported key exchange, cipher, and MAC algorithms

    sed -i 's/^MACs \(.*\)$/\#MACs \1/g' /etc/ssh/sshd_config
    echo -e "\n# Restrict MAC algorithms, as per sshaudit.com hardening guide.\nMACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  4. Restart OpenSSH server

    service ssh reload

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


RedHat Enterprise Linux 8 Server / CentOS 8 Server Last modified: October 20, 2020

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm -f /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
    chgrp ssh_keys /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key
    chmod g+r /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv -f /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Disable ECDSA host key

    Comment out the ECDSA HostKey directive in the /etc/ssh/sshd_config file:

    sed -i 's/^HostKey \/etc\/ssh\/ssh_host_ecdsa_key$/\#HostKey \/etc\/ssh\/ssh_host_ecdsa_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    cp /etc/crypto-policies/back-ends/opensshserver.config /etc/crypto-policies/back-ends/opensshserver.config.orig
    echo -e "CRYPTO_POLICY='-oCiphers=chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr -oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com -oGSSAPIKexAlgorithms=gss-curve25519-sha256- -oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256 -oHostKeyAlgorithms=ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512 -oPubkeyAcceptedKeyTypes=ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512'" > /etc/crypto-policies/back-ends/opensshserver.config
  5. Restart OpenSSH server

    systemctl restart sshd.service


RedHat Enterprise Linux 7 Server / CentOS 7 Server Last modified: October 17, 2017

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm -f /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv -f /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Disable the DSA and ECDSA host keys

    Comment out the DSA and ECDSA HostKey directives in the /etc/ssh/sshd_config file:

    sed -i 's/^HostKey \/etc\/ssh\/ssh_host_\(dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  5. Restart OpenSSH server

    systemctl restart sshd.service


pfSense 2.4 Last modified: October 17, 2017

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Remove small Diffie-Hellman moduli

    awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
    mv -f /etc/ssh/moduli.safe /etc/ssh/moduli
  3. Restrict supported key exchange, cipher, and MAC algorithms

    sed -i.bak 's/^MACs \(.*\)$/\#MACs \1/g' /etc/ssh/sshd_config && rm /etc/ssh/sshd_config.bak
    echo "" | echo "MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  4. Restart OpenSSH server

    service sshd onerestart

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


OpenBSD 6.2 Server Last modified: October 20, 2020

Note: all commands below are to be executed as the root user.

  1. Re-generate the RSA and ED25519 keys

    rm /etc/ssh/ssh_host_*
    ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
  2. Create custom Diffie-Hellman groups

    ssh-keygen -G /etc/ssh/moduli -b 3072

    Note: This will likely take some time to complete.
  3. Disable the DSA and ECDSA host keys

    echo -e "\n# Restrict host keys to ED25519 and RSA only.\nHostKeyAlgorithms ssh-ed25519\n" >> /etc/ssh/sshd_config
  4. Restrict supported key exchange, cipher, and MAC algorithms

    echo -e "# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config
  5. Restart OpenSSH server

    kill -HUP `cat /var/run/sshd.pid`

Note: Because of a bug in OpenSSH, 2048-bit DH moduli will still be used in some limited circumstances. Only a maximum score of 95% is possible.


Ubuntu 20.04 LTS Client / Linux Mint 20 ClientLast modified: October 20, 2020


Ubuntu 18.04 LTS Client / Linux Mint 19 ClientLast modified: October 20, 2020


Ubuntu 16.04 LTS Client / Linux Mint 18 ClientLast modified: October 20, 2020