80

Is there a way to make ssh output what MACs, Ciphers, and KexAlgorithms that it supports?

I'd like to find out dynamically instead of having to look at the source.

Colin Dean
  • 1,697
  • 3
  • 13
  • 9
  • 10
    You can also remotely probe a ssh server for its supported ciphers with recent *nmap* versions: `nmap --script ssh2-enum-algos -sV -p ` – eckes Apr 07 '16 at 15:18
  • For the server side, see https://serverfault.com/questions/735176/how-can-i-list-macs-ciphers-and-kexalogrithms-supported-by-my-ssh-server – tripleee Jun 01 '23 at 11:42

5 Answers5

98

Relevant OpenSSH man page: https://man.openbsd.org/ssh#Q

jjlin
  • 15,462
  • 4
  • 51
  • 51
nlu
  • 1,231
  • 9
  • 4
  • I knew it seemed crazy that I couldn't find it. – Colin Dean Jan 24 '15 at 23:25
  • 10
    It seems it's available from version >= `6.x` (or certainly not available in `5.9`). – pevik Mar 27 '15 at 14:22
  • 14
    On old OpenSSH versions, the very ugly way is: `strings /usr/sbin/sshd |grep mac` – Gert van den Berg Jan 06 '16 at 07:57
  • 4
    Specifically, `-Q` was introduced in [version 6.3](http://www.openssh.com/txt/release-6.3). – jjlin Jan 07 '16 at 18:10
  • `-Q` lists all supported. How to differentiate supported from enabled as default? This is in reference of OpenSSH 8.2 and supported, but not enabled-as-default diffie-hellman-group14-sha1. – Jari Turkia Feb 24 '20 at 12:38
  • Also helpful, here is how to know which ones are enabled: https://serverfault.com/a/735288/138785. Wanted to share this here since this is what I was looking for when I found this page. – James Dec 08 '20 at 18:06
41

You can also remotely probe a ssh server for its supported ciphers with recent nmap versions: 

nmap --script ssh2-enum-algos -sV -p <port> <host>

And there is an online service called sshcheck.com as well (and a pretty large number of similar scanner projects as I just found out).

eckes
  • 1,208
  • 14
  • 20
  • This works awesome. But to save someone 5 seconds - **note the reversal of here, you want to do 22 , not 22**. Or just do -p . – i336_ Oct 12 '21 at 08:29
  • 1
    Iits „-p “, that’s an option before the arguments. – eckes Oct 12 '21 at 08:41
13

Some old versions of OpenSSH do not support the -Q option, but this works for any ssh and it has the benefit of showing both client and server options, without the need for any third party tools like nmap:

ssh -vv username@servername

Scan the output to see what ciphers, KEX algos, and MACs are supported...

  • by your client: "local client KEXINIT proposal"
  • by the server: "peer server KEXINIT proposal"
...
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
...
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
...
Michael
  • 999
  • 10
  • 16
arainchi
  • 231
  • 2
  • 2
  • 1
    This is a good answer. Do notice that in the old openssh 5.3 I found, there are no output string of 'local client KEXINIT proposal', but I still could find the supported MACs in the sea of *kex_parse_kexinit* string. It first show the one supported from the client, then those supported from server. The output didn't indicate clearly which is client which is server,but you could guess it by cross refer the man file. – sylye Sep 23 '21 at 07:34
  • Won't this show options *enabled*, not those *supported*? – Scott Buchanan Dec 20 '21 at 20:40
8

Just a quick tip that if you want to compare 2 servers you can use @eckes method like this:

$ sdiff -bW <(nmap --script ssh2-enum-algos -sV -p 22 192.168.1.107) <(nmap --script ssh2-enum-algos -sV -p 22 192.168.1.10)

Starting Nmap 6.47 ( http://nmap.org ) at 2018-01-22 22:35 ES   Starting Nmap 6.47 ( http://nmap.org ) at 2018-01-22 22:35 ES
Nmap scan report for skinner.bubba.net (192.168.1.107)        | Nmap scan report for mulder.bubba.net (192.168.1.10)
Host is up (0.0037s latency).                                 | Host is up (0.0031s latency).
PORT   STATE SERVICE VERSION                                    PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 4.3 (protocol 2.0)               | 22/tcp open  ssh     OpenSSH 5.3 (protocol 2.0)
| ssh2-enum-algos:                                              | ssh2-enum-algos:
|   kex_algorithms: (3)                                       | |   kex_algorithms: (4)
                                                              > |       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group-exchange-sha1                      |       diffie-hellman-group-exchange-sha1
|       diffie-hellman-group14-sha1                             |       diffie-hellman-group14-sha1
|       diffie-hellman-group1-sha1                              |       diffie-hellman-group1-sha1
|   server_host_key_algorithms: (2)                             |   server_host_key_algorithms: (2)
|       ssh-rsa                                                 |       ssh-rsa
|       ssh-dss                                                 |       ssh-dss
|   encryption_algorithms: (13)                                 |   encryption_algorithms: (13)
|       aes128-ctr                                              |       aes128-ctr
|       aes192-ctr                                              |       aes192-ctr
|       aes256-ctr                                              |       aes256-ctr
|       arcfour256                                              |       arcfour256
|       arcfour128                                              |       arcfour128
|       aes128-cbc                                              |       aes128-cbc
|       3des-cbc                                                |       3des-cbc
|       blowfish-cbc                                            |       blowfish-cbc
|       cast128-cbc                                             |       cast128-cbc
|       aes192-cbc                                              |       aes192-cbc
|       aes256-cbc                                              |       aes256-cbc
|       arcfour                                                 |       arcfour
|       rijndael-cbc@lysator.liu.se                             |       rijndael-cbc@lysator.liu.se
|   mac_algorithms: (6)                                       | |   mac_algorithms: (9)
|       hmac-md5                                                |       hmac-md5
|       hmac-sha1                                               |       hmac-sha1
                                                              > |       umac-64@openssh.com
                                                              > |       hmac-sha2-256
                                                              > |       hmac-sha2-512
|       hmac-ripemd160                                          |       hmac-ripemd160
|       hmac-ripemd160@openssh.com                              |       hmac-ripemd160@openssh.com
|       hmac-sha1-96                                            |       hmac-sha1-96
|       hmac-md5-96                                             |       hmac-md5-96
|   compression_algorithms: (2)                                 |   compression_algorithms: (2)
|       none                                                    |       none
|_      zlib@openssh.com                                        |_      zlib@openssh.com

Service detection performed. Please report any incorrect resu   Service detection performed. Please report any incorrect resu
Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds   | Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds

In the above I'm showing a side-by-side diff of a CentOS 5.x and 6.x server.

$ ssh root@192.168.1.107 cat /etc/redhat-release
CentOS release 5.11 (Final)
$ ssh root@192.168.1.10 cat /etc/redhat-release
CentOS release 6.8 (Final)

The output shows you that you have 4 additional lines in the CentOS 6.x server vs. 5.x.

Reading the output

There's 1 additional kex_algorithm:

  • diffie-hellman-group-exchange-sha256

3 additional mac_algorithms:

  • umac-64@openssh.com
  • hmac-sha2-256
  • hmac-sha2-512
slm
  • 9,959
  • 10
  • 49
  • 57
-1
# sudo sshd -T | egrep 'ciphers|macs|kexalgo'
terrorclaw
  • 1