Skip to content

Supported Algorithms

SSH Config Tips

You can enable or disable algorithms using the Ciphers, HostKeyAlgorithms, KexAlgorithms and MACs keywords in your ssh_config file.

For example, to enable the ecdh-sha2-nistp521 key exchange algorithm, you can add the following line to your ssh_config file :

Host *
    KexAlgorithms +ecdh-sha2-nistp521

To disable aes128-ctr cipher, you can add the following line to your ssh_config file :

Host *
    Ciphers -aes128-ctr

To set only ssh-rsa and ssh-ed25519 host key algorithms, you can add the following line to your ssh_config file :

Host *
    HostKeyAlgorithms +ssh-rsa,+ssh-ed25519

^ character is not supported by WebSSH. Only + and - are supported to enable or disable algorithms without changing the default ones.

Ciphers

The supported ciphers are :

The default enabled are :

HostKeyAlgorithms

The supported host key algorithms are :

  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • ssh-ed25519
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-rsa
  • ssh-dss

The default enabled are :

  • ssh-ed25519
  • rsa-sha2-256
  • rsa-sha2-512

^ character is not supported by WebSSH. Only + and - are supported to enable or disable host key algorithms without changing the default ones.

KexAlgorithms

The supported key exchange algorithms are :

  • curve25519-sha256
  • [email protected]
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group-exchange-sha1

The default enabled are :

  • curve25519-sha256
  • [email protected]
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • diffie-hellman-group-exchange-sha256

^ character is not supported by WebSSH. Only + and - are supported to enable or disable key exchange algorithms without changing the default ones.

MACs

The supported MACs are :

The default enabled are :


Last update: September 15, 2024