From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 26 Jun 2023 12:20:14 +0000 (+0200)
Subject: testing: Configure curve25519-sha256 as key exchange for SSH
X-Git-Tag: android-2.4.2~22^2~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ab13c1c8089dbb11166f2426ae0c05bdf119f79d;p=thirdparty%2Fstrongswan.git

testing: Configure curve25519-sha256 as key exchange for SSH

With Debian bookworm, the PQC KE sntrup761x25519-sha512 is negotiated, by
default.  This increases the overhead significantly, in particular, the
size of the KE message, which wouldn't get through IPsec tunnels without
MSS clamping.
---

diff --git a/testing/hosts/default/etc/ssh/sshd_config b/testing/hosts/default/etc/ssh/sshd_config
index f4ced3e374..700c7caaf7 100644
--- a/testing/hosts/default/etc/ssh/sshd_config
+++ b/testing/hosts/default/etc/ssh/sshd_config
@@ -1,6 +1,7 @@
 Port 22
 Protocol 2
 Ciphers aes128-gcm@openssh.com
+KexAlgorithms curve25519-sha256
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
 PermitRootLogin yes