So to help everyone (read whole post first), you should probably have the line
KexAlgorithms sntrup4591761x25519-sha512@tinyssh.org,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
in /etc/ssh/sshd_config of server and /etc/ssh/ssh_config of client (under "Host ").
(The rest of the kex recommendations are from https://stribika.github.io/2015/01/04/secure-secure-shell.ht...)
---
However, for some reason after running "/usr/sbin/sshd -T" it said
"/etc/ssh/sshd_config line 2: Bad SSH2 KexAlgorithms 'sntrup4591761x25519-sha512@tinyssh.org'."
so I played around. It's hard for me to go back on everything I tried but a working solution seemed to be to add the
line to server's "/usr/local/etc/sshd_config" and to client's "/usr/local/etc/ssh_config" under "Host ".
You then need to start the server by running "sudo /usr/local/sbin/sshd" and you need to use the ssh client with the binary "/usr/local/bin/ssh".
So to help everyone (read whole post first), you should probably have the line
KexAlgorithms sntrup4591761x25519-sha512@tinyssh.org,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
in /etc/ssh/sshd_config of server and /etc/ssh/ssh_config of client (under "Host ").
(The rest of the kex recommendations are from https://stribika.github.io/2015/01/04/secure-secure-shell.ht...)
---
However, for some reason after running "/usr/sbin/sshd -T" it said
"/etc/ssh/sshd_config line 2: Bad SSH2 KexAlgorithms 'sntrup4591761x25519-sha512@tinyssh.org'."
so I played around. It's hard for me to go back on everything I tried but a working solution seemed to be to add the
KexAlgorithms sntrup4591761x25519-sha512@tinyssh.org,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
line to server's "/usr/local/etc/sshd_config" and to client's "/usr/local/etc/ssh_config" under "Host ".
You then need to start the server by running "sudo /usr/local/sbin/sshd" and you need to use the ssh client with the binary "/usr/local/bin/ssh".