diff --git a/FreeBSD.md b/FreeBSD.md index f9da8d5..2bb137e 100644 --- a/FreeBSD.md +++ b/FreeBSD.md @@ -1,56 +1,387 @@ > [!NOTE] > > Taken from: https://github.com/bsdlabs/ssh-hardening - -These instructions have been tested against the following versions: - -* 13.5-RELEASE -* 14.3-RELEASE -* 14.0-STABLE -* 15.0-CURRENT - # Server -1. Remove existing key-pairs, disable DSA & ECDSA +These instructions have been tested against the following versions. For versions older than 15.0-RELEASE use the [legacy guide](https://github.com/bsdlabs/ssh-hardening/blob/main/server99.md). - ```sh - rm -f /etc/ssh/ssh_host_* - sysrc sshd_dsa_enable="no" - sysrc sshd_ecdsa_enable="no" - sysrc sshd_ed25519_enable="yes" - sysrc sshd_rsa_enable="yes" - ``` +* 15.0-RELEASE -2. Regenerate RSA and Ed25519 keys +## Backup ssh config, install ssh-audit - ```sh - ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N "" - ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" - ``` + sudo -s # we need root for most of this + cp -a /etc/ssh /etc/ssh.bak # backup ssh config just in case + pkg install -y security/py-ssh-audit # install ssh-audit (you can make install if you like) -3. Remove Diffie-Hellman moduli smaller than 3071 +## Enable and start sshd, then run ssh-audit, saving the output - ```sh - awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe - mv /etc/ssh/moduli.safe /etc/ssh/moduli - ``` + service sshd enable + service sshd start + uname -a > ssh-audit.out + echo "# before hardening" >> ssh-audit.out + ssh-audit --no-colors localhost >> ssh-audit.out || true -4. Restrict supported key exchange, cipher, and MAC algorithms +## Remove existing key-pairs, disable ECDSA - ```sh - printf "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512\n\nCiphers aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-gcm@openssh.com,aes128-ctr\n\nMACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com\n\nHostKeyAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nCASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nHostbasedAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nPubkeyAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n" >> /etc/ssh/sshd_config - ``` + rm -f /etc/ssh/ssh_host_* + sysrc sshd_ecdsa_enable="no" + sysrc sshd_ed25519_enable="yes" + sysrc sshd_rsa_enable="yes" -5. Restart sshd +## Regenerate RSA and Ed25519 keys - ```sh - service sshd restart - ``` + ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N "" + ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" + +## Remove Diffie-Hellman moduli smaller than 3071 + + awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe + mv /etc/ssh/moduli.safe /etc/ssh/moduli + +## Restrict supported key exchange, cipher, and MAC algorithms + + printf "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org\n\nCiphers aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-gcm@openssh.com,aes128-ctr\n\nMACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com\n\nHostKeyAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nCASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nHostbasedAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\nPubkeyAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n" >> /etc/ssh/sshd_config + +## Optionally: Remove some FreeBSD-specific differences + + printf "\n# Remove some FreeBSD-specific differences\nUseDNS no\nVersionAddendum none\n" >> /etc/ssh/sshd_config + +## Restart sshd and run ssh-audit again, appending output + + service sshd restart + echo "# after hardening" >> ssh-audit.out + ssh-audit --no-colors localhost >> ssh-audit.out + +
+ Send (pastebin) the contents of ssh-audit.out + +``` +FreeBSD cirrus-task-4970050563604480 15.0-RELEASE FreeBSD 15.0-RELEASE releng/15.0-n280995-7aedc8de6446 GENERIC amd64 +# before hardening +# general +(gen) banner: SSH-2.0-OpenSSH_10.0 FreeBSD-20250801 +(gen) software: OpenSSH 10.0 running on FreeBSD (2025-08-01) +(gen) compatibility: OpenSSH 9.9+, Dropbear SSH 2020.79+ +(gen) compression: enabled (zlib@openssh.com) + +# key exchange algorithms +(kex) mlkem768x25519-sha256 -- [info] available since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) sntrup761x25519-sha512 -- [info] available since OpenSSH 9.9 + `- [info] default key exchange since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) sntrup761x25519-sha512@openssh.com -- [info] available since OpenSSH 8.5 + `- [info] default key exchange from OpenSSH 9.0 to 9.8 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 +(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 +(kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency + `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 +(kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency + `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 +(kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency + `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 +(kex) ext-info-s -- [info] available since OpenSSH 9.6 + `- [info] pseudo-algorithm that denotes the peer supports RFC8308 extensions +(kex) kex-strict-s-v00@openssh.com -- [info] pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795) + +# host-key algorithms +(key) rsa-sha2-512 (3072-bit) -- [info] available since OpenSSH 7.2 +(key) rsa-sha2-256 (3072-bit) -- [info] available since OpenSSH 7.2, Dropbear SSH 2020.79 +(key) ecdsa-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency + `- [warn] using weak random number generator could reveal the key + `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 +(key) ssh-ed25519 -- [info] available since OpenSSH 6.5, Dropbear SSH 2020.79 + +# encryption algorithms (ciphers) +(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5, Dropbear SSH 2020.79 + `- [info] default cipher since OpenSSH 6.9 +(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 +(enc) aes192-ctr -- [info] available since OpenSSH 3.7 +(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 + +# message authentication code algorithms +(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size + `- [info] available since OpenSSH 6.2 +(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) hmac-sha1-etm@openssh.com -- [fail] using broken SHA-1 hash algorithm + `- [info] available since OpenSSH 6.2 +(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode + `- [warn] using small 64-bit tag size + `- [info] available since OpenSSH 4.7 +(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode + `- [info] available since OpenSSH 6.2 +(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode + `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56 +(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode + `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56 +(mac) hmac-sha1 -- [fail] using broken SHA-1 hash algorithm + `- [warn] using encrypt-and-MAC mode + `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 + +# fingerprints +(fin) ssh-ed25519: SHA256:YncX/C27MDDmKCSFvkN7F6oo6OJ41QjqmR17W5ZNucc +(fin) ssh-rsa: SHA256:uppfqLdpxS6uYj/VoaicnoHbXIIM1n0Tp5+oAfcKtxI + +# additional info +(nfo) Be aware that, while this target properly supports the strict key exchange method (via the kex-strict-?-v00@openssh.com marker) needed to protect against the Terrapin vulnerability (CVE-2023-48795), all peers must also support this feature as well, otherwise the vulnerability will still be present. The following algorithms would allow an unpatched peer to create vulnerable SSH channels with this target: chacha20-poly1305@openssh.com. If any CBC ciphers are in this list, you may remove them while leaving the *-etm@openssh.com MACs in place; these MACs are fine while paired with non-CBC cipher types. + +# after hardening +# general +(gen) banner: SSH-2.0-OpenSSH_10.0 +(gen) software: OpenSSH 10.0 +(gen) compatibility: OpenSSH 9.9+, Dropbear SSH 2020.79+ +(gen) compression: enabled (zlib@openssh.com) + +# key exchange algorithms +(kex) sntrup761x25519-sha512 -- [info] available since OpenSSH 9.9 + `- [info] default key exchange since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) sntrup761x25519-sha512@openssh.com -- [info] available since OpenSSH 8.5 + `- [info] default key exchange from OpenSSH 9.0 to 9.8 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) mlkem768x25519-sha256 -- [info] available since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 +(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 +(kex) ext-info-s -- [info] available since OpenSSH 9.6 + `- [info] pseudo-algorithm that denotes the peer supports RFC8308 extensions +(kex) kex-strict-s-v00@openssh.com -- [info] pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795) + +# host-key algorithms +(key) rsa-sha2-512 (4096-bit) -- [info] available since OpenSSH 7.2 +(key) rsa-sha2-256 (4096-bit) -- [info] available since OpenSSH 7.2, Dropbear SSH 2020.79 +(key) ssh-ed25519 -- [info] available since OpenSSH 6.5, Dropbear SSH 2020.79 + +# encryption algorithms (ciphers) +(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 +(enc) aes192-ctr -- [info] available since OpenSSH 3.7 +(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 + +# message authentication code algorithms +(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2 + +# fingerprints +(fin) ssh-ed25519: SHA256:s9ieIUqh9yd1TnZ6jQjaNRNyHON0J4Ugb9HfOnWoukg +(fin) ssh-rsa: SHA256:XMA6A0ba4BKcPqbzUv9G6uHbG7ujrXMjtZZO43HKzfc +``` +
+ +## If you want to revert the SSH configuration + + rm -rf /etc/ssh + mv /etc/ssh.bak /etc/ssh + +
+ Comparative table: Default vs. Hardened + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Default (OpenSSH 10.0)Hardened
HostKey +
    + +
  • Ed25519
    • +
  • ECDSA
    • +
  • RSA (3072-bit)
    • +
+		 +
    +
  • Ed25519
    • +
  • RSA (4096-bit)
    • +
+
Ciphers +
    + +
  • chacha20-poly1305@openssh.com
    • +
  • aes128-gcm@openssh.com
    • +
  • aes256-gcm@openssh.com
    • +
  • aes128-ctr
    • +
  • aes192-ctr
    • +
  • aes256-ctr
    • +
+		 +
    +
  • aes256-gcm@openssh.com
    • +
  • aes128-gcm@openssh.com
    • +
  • aes256-ctr
    • +
  • aes192-ctr
    • +
  • aes128-ctr
    • +
+
KexAlgorithms +
    + +
  • mlkem768x25519-sha256
    • +
  • sntrup761x25519-sha512
    • +
  • sntrup761x25519-sha512@openssh.com
    • +
  • curve25519-sha256
    • +
  • curve25519-sha256@libssh.org
    • +
  • ecdh-sha2-nistp256
    • +
  • ecdh-sha2-nistp384
    • +
  • ecdh-sha2-nistp521
    • +
+		 +
    +
  • sntrup761x25519-sha512
    • +
  • sntrup761x25519-sha512@openssh.com
    • +
  • mlkem768x25519-sha256
    • +
  • curve25519-sha256
    • +
  • curve25519-sha256@libssh.org
    • +
+
MACs +
    + +
  • umac-64-etm@openssh.com
    • +
  • umac-128-etm@openssh.com
    • +
  • hmac-sha2-256-etm@openssh.com
    • +
  • hmac-sha2-512-etm@openssh.com
    • +
  • hmac-sha1-etm@openssh.com
    • +
  • umac-64@openssh.com
    • +
  • umac-128@openssh.com
    • +
  • hmac-sha2-256
    • +
  • hmac-sha2-512
    • +
  • hmac-sha1
    • +
+		 +
    +
  • hmac-sha2-256-etm@openssh.com
    • +
  • hmac-sha2-512-etm@openssh.com
    • +
  • umac-128-etm@openssh.com
    • +
+
HostKeyAlgorithms +
    + +
  • ssh-ed25519-cert-v01@openssh.com
    • +
  • ecdsa-sha2-nistp256-cert-v01@openssh.com
    • +
  • ecdsa-sha2-nistp384-cert-v01@openssh.com
    • +
  • ecdsa-sha2-nistp521-cert-v01@openssh.com
    • +
  • sk-ssh-ed25519-cert-v01@openssh.com
    • +
  • sk-ecdsa-sha2-nistp256-cert-v01@openssh.com
    • +
  • rsa-sha2-512-cert-v01@openssh.com
    • +
  • rsa-sha2-256-cert-v01@openssh.com
    • +
  • ssh-ed25519
    • +
  • ecdsa-sha2-nistp256
    • +
  • ecdsa-sha2-nistp384
    • +
  • ecdsa-sha2-nistp521
    • +
  • sk-ssh-ed25519@openssh.com
    • +
  • sk-ecdsa-sha2-nistp256@openssh.com
    • +
  • rsa-sha2-512
    • +
  • rsa-sha2-256
    • +
+		 +
    +
  • ssh-ed25519
    • +
  • ssh-ed25519-cert-v01@openssh.com
    • +
  • sk-ssh-ed25519@openssh.com
    • +
  • sk-ssh-ed25519-cert-v01@openssh.com
    • +
  • rsa-sha2-512
    • +
  • rsa-sha2-512-cert-v01@openssh.com
    • +
  • rsa-sha2-256
    • +
  • rsa-sha2-256-cert-v01@openssh.com
    • +
+
+
# Client +These instructions have been tested against the following versions. +* 13.5-RELEASE +* 14.3-RELEASE +* 15.0-RELEASE -1. Run the following in a terminal to harden the OpenSSH client for the local user +## Run the following in a terminal to harden the OpenSSH client for the local user - ```sh - mkdir -p -m 0700 ~/.ssh; printf "\nHost *\n Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n KexAlgorithms sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\n\n MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\n\n HostKeyAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n CASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n HostbasedAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n\n PubkeyAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n" >> ~/.ssh/config - ``` \ No newline at end of file + mkdir -p -m 0700 ~/.ssh; printf "\nHost *\n Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n KexAlgorithms sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\n\n MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\n\n HostKeyAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n CASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n HostbasedAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n\n PubkeyAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n" >> ~/.ssh/config + +
+ Results report + +``` +# general +(gen) client IP: 127.0.0.1 +(gen) banner: SSH-2.0-OpenSSH_10.0 +(gen) software: OpenSSH 10.0 +(gen) compression: enabled (zlib@openssh.com) + +# key exchange algorithms +(kex) sntrup761x25519-sha512 -- [info] available since OpenSSH 9.9 + `- [info] default key exchange since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) sntrup761x25519-sha512@openssh.com -- [info] available since OpenSSH 8.5 + `- [info] default key exchange from OpenSSH 9.0 to 9.8 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) mlkem768x25519-sha256 -- [info] available since OpenSSH 9.9 + `- [info] hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm +(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 +(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 +(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73 +(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3 +(kex) diffie-hellman-group-exchange-sha256 -- [info] available since OpenSSH 4.4 +(kex) ext-info-c -- [info] available since OpenSSH 7.2 + `- [info] pseudo-algorithm that denotes the peer supports RFC8308 extensions +(kex) kex-strict-c-v00@openssh.com -- [info] pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795) + +# host-key algorithms +(key) sk-ssh-ed25519-cert-v01@openssh.com -- [info] available since OpenSSH 8.2 +(key) ssh-ed25519-cert-v01@openssh.com -- [info] available since OpenSSH 6.5 +(key) rsa-sha2-512-cert-v01@openssh.com -- [info] available since OpenSSH 7.8 +(key) rsa-sha2-256-cert-v01@openssh.com -- [info] available since OpenSSH 7.8 +(key) sk-ssh-ed25519@openssh.com -- [info] available since OpenSSH 8.2 +(key) ssh-ed25519 -- [info] available since OpenSSH 6.5, Dropbear SSH 2020.79 +(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2 +(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2, Dropbear SSH 2020.79 + +# encryption algorithms (ciphers) +(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2 +(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 +(enc) aes192-ctr -- [info] available since OpenSSH 3.7 +(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 + +# message authentication code algorithms +(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2 +(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2 +``` +
\ No newline at end of file