Add 'stribika' configuration (for reference)

see https://stribika.github.io/2015/01/04/secure-secure-shell.html

vars/ssh_stribika.yml

@@ -0,0 +1,25 @@
+
+ssh_hardening_opts:
+  KexAlgorithms:
+    - curve25519-sha256@libssh.org
+    - diffie-hellman-group-exchange-sha256
+  Ciphers:
+    - chacha20-poly1305@openssh.com
+    - aes256-gcm@openssh.com
+    - aes128-gcm@openssh.com
+    - aes256-ctr
+    - aes192-ctr
+    - aes128-ctr
+  MACs:
+    - hmac-sha2-512-etm@openssh.com
+    - hmac-sha2-256-etm@openssh.com
+    - umac-128-etm@openssh.com
+    - hmac-sha2-512
+    - hmac-sha2-256
+    - umac-128@openssh.com
+  HostKeyAlgorithms:
+    - ssh-ed25519-cert-v01@openssh.com
+    - ssh-rsa-cert-v01@openssh.com
+    - ssh-ed25519
+    - ssh-rsa
+