Kevin P. Fleming kpfleming
edef1c
/ config-security
Last active
August 29, 2015 14:12
Sane security defaults for SSH clients. Disables everything old and nasty.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # vim: ft=sshconfig | |
| # Sane security defaults for SSH clients. Disables everything old and nasty. | |
| # Unfortunately, SSH appears to provide no way to *exclude* old protocols, | |
| # so we have a list of known-secure key exchange algorithms, symmetric ciphers, | |
| # and message authentication codes. | |
| # Config taken from [https://stribika.github.io/2015/01/04/secure-secure-shell.html] | |
| Host * | |
| KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 | |
| Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr |
surrealroad
/ gist:5146661
Last active
April 6, 2016 03:26
Digital Ocean Discourse production install with LAMP (using Apache)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #create & deploy lamp droplet | |
| #login via ssh as root | |
| #initial setup (ref: http://library.linode.com/getting-started#sph_logging-in-for-the-first-time) | |
| # update /etc/hosts (to "thalassophobia.surrealroad.com") | |
| nano /etc/hosts | |
| # |