Add SSH hardening (#1300)
diff --git a/images/nova-ssh/Dockerfile b/images/nova-ssh/Dockerfile
index b61f4cd..5b6b56b 100644
--- a/images/nova-ssh/Dockerfile
+++ b/images/nova-ssh/Dockerfile
@@ -15,3 +15,10 @@
mkdir /var/run/sshd
chmod 0755 /var/run/sshd
EOF
+COPY <<EOF /etc/ssh/sshd_config.d/00-hardening.conf
+Ciphers aes256-ctr,aes192-ctr
+MACs hmac-sha2-512,hmac-sha2-256
+KexAlgorithms diffie-hellman-group-exchange-sha256
+HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
+MaxAuthTries 3
+EOF