Hardening dropbear

I've been notified about the results of the ssh-audit[1] security
scanner.

This gave me the opportunity to learn a bit about how SSH works under
the hood.

This article[2] explains how the session is established.
I learned from it that the diffie-hellman procedure used to exchange
the session key between client and server is based on temporary keys.
The persistent host keys are only used for authentication.

MAC-then-encrypt or encrypt-then-MAC?[3]
The MAC authenticates the message
* MAC-then-encrypt (TLS):
    Encrypt(PlainText . MAC(PlainText))
* MAC-and-encrypt (SSH):
    Encrypt(PlainText) . MAC(PlainText)
* encrypt-then-MAC (who does that?):
    Encrypt(PlainText) . MAC(Encrypt(PlainText))
From the stackexchange thread, I could infer that the latter has stronger
guarantees.

Other interesting reads:
MAC wikipedia page[4].


[1] https://github.com/jtesta/ssh-audit
[2] https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process#authenticating-the-user-s-access-to-the-server
[3] https://crypto.stackexchange.com/questions/202/should-we-mac-then-encrypt-or-encrypt-then-mac
[4] https://en.wikipedia.org/wiki/Message_authentication_code