// Archive

Category: 381

05/25/2026

Hardened OpenSSH 10.3 for Debian and Ubuntu: PQ Crypto, AppArmor, 3 sshd Flavours

The myguard OpenSSH 10.3 package rebuilds sshd for production servers: post-quantum key exchange, AEAD-only ciphers, an AppArmor profile, a fail2ban jail, monthly moduli regeneration, three switchable sshd flavours (default / gssapi / minimal), and compiler hardening beyond Debian’s default. Includes a 2026 SSH key-generation walkthrough and a stack of server-hardening tips.

Read more →