Approved algorithms should impart some level of confidence in their implementation. These are also required for compliance.
Note: This does not imply FIPS 140-2 certification.
Limit the ciphers to those algorithms which are FIPS-approved. Counter (CTR) mode is also preferred over cipher-block chaining (CBC) mode.
Add or correct the following line in '/etc/ssh/sshd_config':
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.