Skip to content

Instantly share code, notes, and snippets.

Avatar

Kevin P. Fleming kpfleming

View GitHub Profile
@edef1c
edef1c / config-security
Last active Aug 29, 2015
Sane security defaults for SSH clients. Disables everything old and nasty.
View config-security
# vim: ft=sshconfig
# Sane security defaults for SSH clients. Disables everything old and nasty.
# Unfortunately, SSH appears to provide no way to *exclude* old protocols,
# so we have a list of known-secure key exchange algorithms, symmetric ciphers,
# and message authentication codes.
# Config taken from [https://stribika.github.io/2015/01/04/secure-secure-shell.html]
Host *
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
@surrealroad
surrealroad / gist:5146661
Last active Apr 6, 2016
Digital Ocean Discourse production install with LAMP (using Apache)
View gist:5146661
#create & deploy lamp droplet
#login via ssh as root
#initial setup (ref: http://library.linode.com/getting-started#sph_logging-in-for-the-first-time)
# update /etc/hosts (to "thalassophobia.surrealroad.com")
nano /etc/hosts
#