https://stribika.github.io/2015/01/0...ure-shell.html

This is a nice little write up on how to harden your ssh connections in light of the Snowden documents about the NSA.

in the first section:
When I attempted to add this to my config file both my MAC and my CentOS v7 system tossed a rather nasty fit. the KexAlgorithms.... is not found and or unknown.

Lower in the Symmetric ciphers, they talk about the chacha20-poly1305, but when attempting to implement this in addition to the aes256 ciphers I currently have in my config it again tossed up nasty little notices stating not found, etc...

tried both so both with and without the @openssh.com no luv.

in the Message authentication codes (MACs) how do I implement this on my systems?

tried just the first portion of their snippet:

and my system told me Seems like a handy thing to add to the system for a bit more secure traffic between my home servers, web server, e-mail server, and my laptops when on the road.

thanks in advance.

What version of ssh are you running?
If it's old, try updating it.

Have you looked through the man pages of sshd_config?

Mine didn't throw any issues & I have OpenSSH_6.6.1

Check this link about the osx not working

This is the most current for RHELv7 as Im running CentOS v7. Thanks for the link, yeah OSx has some strangeness at times with many of the "FOSS" protocols and software it runs.

attempting to update the OSx vs of ssh and see what flies from there.

will report back.

hmm turns out my OSx is just way to old to update and do anything about. still running 10.6.x old hardware. first gen Intel iMAC.

also there seems to be several bug reports out there from RH about their ssh and the above issues. oh well. maybe someday .