Cisco
Cisco need to step up to the plate here: Some of their IOS kit either only works with 1024 bit SSH keys and others have weird bugs if you don't use 2048 SSH keys.
A recent Request for Comment at the Internet Engineering Task Force calls for SSH developers to deprecate 1,024-bit moduli. RFC 8270 was authored by Mark Baushke (at Juniper Networks but working as an individual*) and Loganaden Velvindron (of Mauritian group Hackers.mu) in response to demand for a response to the 2015 Logjam …
Some useful advice on hardening ssh, from 2 and a half years ago:
https://stribika.github.io/2015/01/04/secure-secure-shell.html
And a program to test an ssh server:
https://github.com/arthepsy/ssh-audit
djb rules, OK
# key exchange algorithms
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
# host-key algorithms
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
`- [info] default cipher since OpenSSH 6.9.
I wasn't expecting this, but 1024/1535 bit primes are in the latest CentOS.
# fgrep ' 1023 ' /etc/ssh/moduli | wc -l
29
# fgrep ' 1535 ' /etc/ssh/moduli | wc -l
49
This "in-place" sed edit command will remove them (restart sshd after edit):
sed -i.BAK 's/^.*[ ]1023[ ]/#&/;s/^.*[ ]1535[ ]/#&/' /etc/ssh/moduli
6 months ago I could still connect from devices that only supported 256 bit encryption -- because I could still use HTTP. In the last 6 months that's shrunk down to a few pixels in the big picture -- large chunks of the internet no longer support HTTP.