How can I find a list of MACs, Ciphers, and KexAlgorithms that my openssh client supports?
Is there a way to make ssh output what MACs, Ciphers, and KexAlgorithms that it supports?
I'd like to find out dynamically instead of having to look at the source.
14 Answers
Relevant OpenSSH man page:
Ciphers:ssh -Q cipherMACs:ssh -Q macKexAlgorithms:ssh -Q kexPubkeyAcceptedKeyTypes:ssh -Q key
You can also remotely probe a ssh server for its supported ciphers with recent nmap versions:
nmap --script ssh2-enum-algos -sV -p <port> <host>And there is an online service called sshcheck.com as well (and a pretty large number of similar scanner projects as I just found out).
Some old versions of OpenSSH do not support the -Q option, but this works for any ssh and it has the benefit of showing both client and server options, without the need for any third party tools like nmap:
ssh -vv username@servernameScan the output to see what ciphers, KEX algos, and MACs are supported...
- by your client: "local client KEXINIT proposal"
- by the server: "peer server KEXINIT proposal"
...
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ,,,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,,,,,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: ,aes128-ctr,aes192-ctr,aes256-ctr,,
debug2: ciphers stoc: ,aes128-ctr,aes192-ctr,aes256-ctr,,
debug2: MACs ctos: ,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: ,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,,zlib
debug2: compression stoc: none,,zlib
...
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: ,aes128-ctr,aes192-ctr,aes256-ctr,,
debug2: ciphers stoc: ,aes128-ctr,aes192-ctr,aes256-ctr,,
debug2: MACs ctos: ,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: ,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,
debug2: compression stoc: none,
...Just a quick tip that if you want to compare 2 servers you can use @eckes method like this:
$ sdiff -bW <(nmap --script ssh2-enum-algos -sV -p 22 192.168.1.107) <(nmap --script ssh2-enum-algos -sV -p 22 192.168.1.10)
Starting Nmap 6.47 ( ) at 2018-01-22 22:35 ES Starting Nmap 6.47 ( ) at 2018-01-22 22:35 ES
Nmap scan report for skinner.bubba.net (192.168.1.107) | Nmap scan report for mulder.bubba.net (192.168.1.10)
Host is up (0.0037s latency). | Host is up (0.0031s latency).
PORT STATE SERVICE VERSION PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.3 (protocol 2.0) | 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
| ssh2-enum-algos: | ssh2-enum-algos:
| kex_algorithms: (3) | | kex_algorithms: (4) > | diffie-hellman-group-exchange-sha256
| diffie-hellman-group-exchange-sha1 | diffie-hellman-group-exchange-sha1
| diffie-hellman-group14-sha1 | diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1 | diffie-hellman-group1-sha1
| server_host_key_algorithms: (2) | server_host_key_algorithms: (2)
| ssh-rsa | ssh-rsa
| ssh-dss | ssh-dss
| encryption_algorithms: (13) | encryption_algorithms: (13)
| aes128-ctr | aes128-ctr
| aes192-ctr | aes192-ctr
| aes256-ctr | aes256-ctr
| arcfour256 | arcfour256
| arcfour128 | arcfour128
| aes128-cbc | aes128-cbc
| 3des-cbc | 3des-cbc
| blowfish-cbc | blowfish-cbc
| cast128-cbc | cast128-cbc
| aes192-cbc | aes192-cbc
| aes256-cbc | aes256-cbc
| arcfour | arcfour
| |
| mac_algorithms: (6) | | mac_algorithms: (9)
| hmac-md5 | hmac-md5
| hmac-sha1 | hmac-sha1 > | > | hmac-sha2-256 > | hmac-sha2-512
| hmac-ripemd160 | hmac-ripemd160
| |
| hmac-sha1-96 | hmac-sha1-96
| hmac-md5-96 | hmac-md5-96
| compression_algorithms: (2) | compression_algorithms: (2)
| none | none
|_ |_
Service detection performed. Please report any incorrect resu Service detection performed. Please report any incorrect resu
Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds | Nmap done: 1 IP address (1 host up) scanned in 0.22 secondsIn the above I'm showing a side-by-side diff of a CentOS 5.x and 6.x server.
$ ssh root@192.168.1.107 cat /etc/redhat-release
CentOS release 5.11 (Final)
$ ssh root@192.168.1.10 cat /etc/redhat-release
CentOS release 6.8 (Final)The output shows you that you have 4 additional lines in the CentOS 6.x server vs. 5.x.
Reading the output
There's 1 additional kex_algorithm:
- diffie-hellman-group-exchange-sha256
3 additional mac_algorithms:
- hmac-sha2-256
- hmac-sha2-512
