Securing OpenSSH
You can set up SSH to prefer Elliptic Curve cryptography over RSA, and use modern key exchange algorithms without exposing yourself to Logjam-style attacks. It’s also good to get rid of SHA1 and MD5.
A good resource is the OpenSSH Guidelines page on the Mozilla wiki. You can basically copy the config.
Caveat: I found out that the version of Paramiko in Debian Jessie does not
support SHA2 hashes or ECC in the key exchange. Paramiko was used in my case
by duplicity. If you upgrade to the most recent version from pypi you can
use diffie-hellman-exchange-group-sha256.
Authors
Senior Cryptography Researcher
Thom Wiggers is a cryptography researcher at PQShield.
His PhD thesis was on the interactions of post-quantum cryptography with protocols, under the supervision of Peter Schwabe, at the Institute of Computing and Information Sciences, Radboud University in The Netherlands.