From ed9ab6155a9ae94a9b9bb214c42fb8dad6dfbf04 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sun, 31 Dec 2017 15:34:42 +0100
Subject: T507: Add support for key exchange algorithms

---
 templates/service/ssh/key-exchange/node.def | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 templates/service/ssh/key-exchange/node.def

diff --git a/templates/service/ssh/key-exchange/node.def b/templates/service/ssh/key-exchange/node.def
new file mode 100644
index 00000000..a3c91b0b
--- /dev/null
+++ b/templates/service/ssh/key-exchange/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Allowed key exchange algorithms
+comp_help: Specifies the available KEX (key exchange) algorithms. The KEX algorithm is used in protocol version 2 for key negotiation upon session creation. Multiple algorithms must be comma-separated. See 'ssh -Q kex' for supported KEX algorithms.
+
+create: sudo sed -i -e '$ a \
+KexAlgorithms $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^KexAlgorithms $VAR(@)$/d' /etc/ssh/sshd_config
+
+update: sudo sed -i -e '/^KexAlgorithms.*$/c \
+KexAlgorithms $VAR(@)' /etc/ssh/sshd_config
-- 
cgit v1.2.3