Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSH Wide Compatability Mode Unsupported [SOLUTION] #792

Closed
godylockz opened this issue Sep 28, 2022 · 25 comments
Closed

SSH Wide Compatability Mode Unsupported [SOLUTION] #792

godylockz opened this issue Sep 28, 2022 · 25 comments
Labels
good first issue help wanted

Comments

@godylockz
Copy link

Description:

Running SSH in "Wide Compatibility Mode" causes hydra not to error out. This is enabled via kali-tweaks -> Hardening or adding the following to /etc/ssh/ssh_config. The + indicates append to default.

Host *
  Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc
  KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
  HostKeyAlgorithms +ssh-rsa,[email protected],ssh-dss,[email protected]
  PubkeyAcceptedAlgorithms +ssh-rsa,[email protected],ssh-dss,[email protected]

Versions

Kali Version 2022.3, Hydra v9.3

Error

$ hydra -l michael -P /usr/share/wordlists/rockyou.txt ssh://10.10.11.166
[INFO] Testing if password authentication is supported by ssh://[email protected]:22
[2022/09/28 00:41:59.494904, 1] socket_callback_connected:  Socket connection callback: 1 (0)
[2022/09/28 00:41:59.526248, 1] ssh_client_select_hostkeys:  List of allowed host key algorithms is empty or contains only unsupported algorithms
[ERROR] could not connect to ssh://10.10.11.166:22 - ssh_set_client_kex: Out of memory

Expected behavior

SSH bruteforcing should work correctly in Wide Compatibility mode. CrackMapExec works in the meantime:

cme ssh 10.10.11.166 -u michael -p /usr/share/wordlists/rockyou.txt
@ClaudioVarandas
Copy link

I think i have the same issue, using the "Wide Compatibility Mode" too, same version of OS and Hydra.

Here is my debug data:

┌──(root㉿kali)-[~]
└─# hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt ssh://192.168.47.129:22 -t 4 -vV -d
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

[DEBUG] Output color flag is 1
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-09-29 18:07:50
[DEBUG] cmdline: hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 4 -vV -d ssh://192.168.47.129:22 
[DEBUG] opt:9 argc:10 mod:ssh tgt:192.168.47.129 port:22 misc:(null)
[DATA] max 4 tasks per 1 server, overall 4 tasks, 1009 login tries (l:1/p:1009), ~253 tries per task
[DATA] attacking ssh://192.168.47.129:22/
[VERBOSE] Resolving addresses ... 
[DEBUG] resolving 192.168.47.129
[VERBOSE] resolving done
[INFO] Testing if password authentication is supported by ssh://[email protected]:22
[ERROR] could not connect to ssh://192.168.47.129:22 - ssh_set_client_kex: Out of memory

@vanhauser-thc
Copy link
Owner

A quick search for this and libssh did not reveal the config changed required. I do not have time to work on this for the next weeks so if someone can send a PR this would be great ...

@elboulangero
Copy link

elboulangero commented Jan 18, 2023
edited
Loading

Hello,

this issue should be fixed in Kali Linux, as of today, with the latest version of kali-tweaks 2023.1.2, that just landed in kali-rolling.

Steps to follow:

  1. Run sudo apt update && sudo apt full-upgrade -y to upgrade your Kali install.
  2. Make sure the latest version of kali-tweaks was installed with dpkg -l | grep kali-tweaks (expect version 2023.1.2 or higher).
  3. Then run kali-tweaks and enable the « SSH Wide Compatibility ». If it's already enabled, please disable it, confirm, then enable it again.

After that, it should work. Please report that the issue is indeed fixed.

For the curious, details on the exact issue can be found at: https://gitlab.com/kalilinux/packages/kali-tweaks/-/merge_requests/8#note_1241868100

Thanks!

@vanhauser-thc vanhauser-thc changed the title SSH Wide Compatability Mode Unsupported [BUG] SSH Wide Compatability Mode Unsupported [SOLUTION] Jan 18, 2023
@vanhauser-thc vanhauser-thc pinned this issue Jan 18, 2023
@elboulangero
Copy link

I was told that it still fails, this time with a different error message:

[ERROR] could not connect to ssh://10.11.1.115:22 - kex error : no match for method mac algo client->server: server [hmac-md5,hmac-sha1,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96], client [[email protected],[email protected],hmac-sha2-256,hmac-sha2-512]

So I just updated kali-tweaks so that, in « SSH Wide Compatibility » mode, the legacy MACs are also enabled. This was released in kali-tweaks version 2023.1.3.

For anyone interested to test, same procedure as above to update (steps 1, 2 and 3). Thanks!

@chinnidiwakar
Copy link

Still the same issue, i tried in latest kali. any update on this? regular ssh command words, medusa works, nmap script works, but not hydra.
[ERROR] could not connect to ssh://10.0.0.169:22 - kex error : no match for method server host key algo: server [ssh-rsa,ssh-dss], client [rsa-sha2-512,rsa-sha2-256,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,[email protected],[email protected]]

@elboulangero
Copy link

@chinnidiwakar Did you enable SSH "Wide Compatibility Mode" in Kali? This is enabled via command kali-tweaks, then in the menu Hardening.

@chinnidiwakar
Copy link

chinnidiwakar commented Sep 12, 2023 via email

@rickiey
Copy link

rickiey commented Sep 12, 2023

I ran into this problem with ubuntu

[ERROR] could not connect to ssh://192.168.5.133:22 - kex error : no match for method server host key algo: server [rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519], client [ssh-rsa]

@elboulangero
Copy link

@chinnidiwakar Just to be sure, can you give me the ouput of:

ssh -G '*' | grep -i '^HostKeyAlgo' | cut -d' ' -f2- | sed 's/,/\n/g' | sort

Thanks

@chinnidiwakar
Copy link

chinnidiwakar commented Sep 12, 2023 via email

@elboulangero
Copy link

@chinnidiwakar Didn't work, there's no image

@chinnidiwakar
Copy link

Screenshot 2023-09-12 151812
is it visible now?

@elboulangero
Copy link

Yes it's visible, thanks!

I find a bit surprising, as I don't get the same output on my side (also an up-to-date Kali system), I have a few more algos:

┌──(kali㉿kali)-[~]
└─$ ssh -G '*' | grep -i '^HostKeyAlgo' | cut -d' ' -f2- | sed 's/,/\n/g' | sort
ecdsa-sha2-nistp256
[email protected]
ecdsa-sha2-nistp384
[email protected]
ecdsa-sha2-nistp521
[email protected]
rsa-sha2-256
[email protected]
rsa-sha2-512
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
ssh-dss
[email protected]
ssh-ed25519
[email protected]
ssh-rsa
[email protected]
[email protected]

Can you also share the output of those commands please:

┌──(kali㉿kali)-[~]
└─$ ls /etc/ssh/ssh_config.d                      
kali-wide-compat.conf
                                                                                                                              
┌──(kali㉿kali)-[~]
└─$ cat /etc/ssh/ssh_config.d/kali-wide-compat.conf 
# The configuration below enables legacy ciphers and algorithms,
# to allow interacting with old servers that still use those.
#
# If the setting(s) in this file are not desirable, do NOT
# modify this file. Instead, start 'kali-tweaks' in a
# terminal and change the setting from there.

Host *
    Ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc
    KexAlgorithms [email protected],curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
    HostKeyAlgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256,ssh-dss,[email protected],ssh-rsa,[email protected],[email protected]
    MACs [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,[email protected],[email protected],hmac-sha1-96,[email protected]
    PubkeyAcceptedAlgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256,ssh-dss,[email protected],ssh-rsa,[email protected],[email protected]

Thanks

@godylockz
Copy link
Author

godylockz commented Sep 13, 2023
edited
Loading

The only thing different on Kali Wide Compatibility config since the fix is..

    MACs [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,[email protected],[email protected],hmac-sha1-96,[email protected]

Can you please confirm you are getting positive attempts using another SSH bruteforce utility such as crackmapexec?

Any additional details for debugging on the target, that would be great.

The original target I created the issue still works.

@chinnidiwakar
Copy link

chinnidiwakar commented Sep 15, 2023
edited
Loading 

└─# ls /etc/ssh/ssh_config.d/kali-wide-compat.conf 
/etc/ssh/ssh_config.d/kali-wide-compat.conf
                                                                                                                              
┌──(root㉿kali)-[~]
└─# cat /etc/ssh/ssh_config.d/kali-wide-compat.conf               
# The configuration below enables legacy ciphers and algorithms,
# to allow interacting with old servers that still use those.
#
# If the setting(s) in this file are not desirable, do NOT
# modify this file. Instead, start 'kali-tweaks' in a
# terminal and change the setting from there.

Host *
    Ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc
    KexAlgorithms [email protected],curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
    HostKeyAlgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256,ssh-dss,[email protected],ssh-rsa,[email protected],[email protected]
    MACs [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,[email protected],[email protected],hmac-sha1-96,[email protected]
    PubkeyAcceptedAlgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256,ssh-dss,[email protected],ssh-rsa,[email protected],[email protected]

@chinnidiwakar
Copy link 

└─# crackmapexec ssh 10.0.0.159 -u root -p pass.txt
SSH         10.0.0.159      22     10.0.0.159       [*] SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
SSH         10.0.0.159      22     10.0.0.159       [-] root:password Authentication failed.
SSH         10.0.0.159      22     10.0.0.159       [+] root:toor (Pwn3d!)
                                                                             ```

@chinnidiwakar
Copy link

image

@elboulangero
Copy link

elboulangero commented Sep 15, 2023
edited
Loading

@chinnidiwakar Thanks for the feedback. Something doesn't really match in your config though.

We have the same config file /etc/ssh/ssh_config.d/kali-wide-compat.conf, however the output of the command ssh -G '*' | grep -i '^HostKeyAlgo' | cut -d' ' -f2- | sed 's/,/\n/g' | sort that you pasted above doesn't match mine. In this output, the following algos are missing:

ssh-dss
[email protected]
[email protected]
[email protected]

Are you that you don't have some other config (in /etc/ssh/ssh_config.d or in /etc/ssh/ssh_config) that modifies HostKeyAlgorithms?

Besides, the list of algo proposed by the hydra (last line, client [...]) doesn't match the algo listed by the command ssh -G '*'... It's all confusing to me.

@chinnidiwakar
Copy link

image
Nope Only One under ssh_config.d

and only this content in ssh_config

└─# cat /etc/ssh/ssh_config                        

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Include /etc/ssh/ssh_config.d/*.conf

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,[email protected]
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#   UserKnownHostsFile ~/.ssh/known_hosts.d/%k
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
                                    ```

@elboulangero
Copy link

Ok... What about your ~/.ssh directory, any config there?

So far I can't explain why the command ssh -G '*' | grep -i '^HostKeyAlgo' | cut -d' ' -f2- | sed 's/,/\n/g' | sort doesn't show all algorithms, it might be related to the issue you're having. But it's something in your setup, so you should try to sort that out first.

@chinnidiwakar
Copy link 

└─# cd .ssh                    
                                                                                                                              
┌──(root㉿kali)-[~/.ssh]
└─# ls                     
config  known_hosts  known_hosts.old
                                                                                                                              
┌──(root㉿kali)-[~/.ssh]
└─# cat config             
Host *
PubkeyAcceptedAlgorithms +ssh-rsa
HostkeyAlgorithms +ssh-rsa
Ciphers +aes128-cbc,aes256-cbc,3des-cbc
KexAlgorithms +diffie-hellman-group14-sha1
                                                                                                                              
┌──(root㉿kali)-[~/.ssh]
└─# cat known_hosts
|1|76LXJtBP0owI1pKahd1sHuBIx/w=|AFaVVqEeqMC6p4lLzPf//91ZxSQ= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAstqnuFMBOZvO3WTEjP4TUdjgWkIVNdTq6kboEDjteOfc65TlI7sRvQBwqAhQjeeyyIk8T55gMDkOD0akSlSXvLDcmcdYfxeIF0ZSuT+nkRhij7XSSA/Oc5QSk3sJ/SInfb78e3anbRHpmkJcVgETJ5WhKObUNf1AKZW++4Xlc63M4KI5cjvMMIPEVOyR3AKmI78Fo3HJjYucg87JjLeC66I7+dlEYX6zT8i1XYwa/L1vZ3qSJISGVu8kRPikMv/cNSvki4j+qDYyZ2E5497W87+Ed46/8P42LNGoOV8OcX/ro6pAcbEPUdUEfkJrqi2YXbhvwIJ0gFMb6wfe5cnQew==
|1|A7sMLVqSKm8AEvGATQ3GZouz7P0=|0DBmzsnTXEBLg00EcB4CEY5/F50= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvehXYom8uMxoVm24UzeGE7SOVsWjZcqN5KxuPiJld4
|1|tOGdV9AySiMAp2Ftlikz0jPp8a4=|05slJEjtiGYEXMsHI51xfx8WhIY= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC+jqqZKVegyOKFd3cc0vByJqpF9OXGcAytlm+DZFXDmPAMNwWanRN8b7eMWA3oEJwszI3c/M+przNm1Ultl4m3RfU01XiWSfWphC13rgBfMRLSDSDjj5EtTv4fPwXUeDJVflQ7lvYNgfF6c2MP5VFfj2GdynVO6EJJse1S2LrGX7wCfsfYs7CFd2GUVWeH9hau673oRVY0pcIKwwh80p1tr90g5cJjpjzLYGsOwShDJwipEFit0lxI9e8nEF/tYbGtYOabvVEokO+ze//mwvxqv5pm3IhV8juiC26iDNDDh4BvvcAczN9kREKy1LN5kXem9xePkWbrUohc8zze2eXCifwqUq5SNXMGdJaBCw3uBs4kM5bw5ki5z03SnXnINlrC2fyEKoGTxLnQ1+bEjHB4/kPaxfBUYerS8pMkn+OztVO8JMXG6u+IFg8wNjfcd3Bba+UItK8j6vNpy4AvcrkAKyBmEW5YRHI+Kimcy4o2+LlvDqZP/RWuYkCkIKAbFpM=
|1|AmqocFwlwBKAtlCodG+xRB30HzA=|6xZi8vZo7wPqSFuwX0uA7OTifrI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOYSZyPQ6Lr80Z2b9E0IFTEGlZcroQx5tcbKpR/W/MGQXxcGREQ3IV3Y/ARyO/+INpGkKyaIQfHnj9fSlk1leMg=
|1|pa+QHDpvutgOYomnDViVHHSEEC4=|r+6qHVLtXwmlEk0K8HtE3gf9w2k= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAstqnuFMBOZvO3WTEjP4TUdjgWkIVNdTq6kboEDjteOfc65TlI7sRvQBwqAhQjeeyyIk8T55gMDkOD0akSlSXvLDcmcdYfxeIF0ZSuT+nkRhij7XSSA/Oc5QSk3sJ/SInfb78e3anbRHpmkJcVgETJ5WhKObUNf1AKZW++4Xlc63M4KI5cjvMMIPEVOyR3AKmI78Fo3HJjYucg87JjLeC66I7+dlEYX6zT8i1XYwa/L1vZ3qSJISGVu8kRPikMv/cNSvki4j+qDYyZ2E5497W87+Ed46/8P42LNGoOV8OcX/ro6pAcbEPUdUEfkJrqi2YXbhvwIJ0gFMb6wfe5cnQew==
                                                                                                                              
┌──(root㉿kali)-[~/.ssh]
└─# cat known_hosts.old 
|1|76LXJtBP0owI1pKahd1sHuBIx/w=|AFaVVqEeqMC6p4lLzPf//91ZxSQ= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAstqnuFMBOZvO3WTEjP4TUdjgWkIVNdTq6kboEDjteOfc65TlI7sRvQBwqAhQjeeyyIk8T55gMDkOD0akSlSXvLDcmcdYfxeIF0ZSuT+nkRhij7XSSA/Oc5QSk3sJ/SInfb78e3anbRHpmkJcVgETJ5WhKObUNf1AKZW++4Xlc63M4KI5cjvMMIPEVOyR3AKmI78Fo3HJjYucg87JjLeC66I7+dlEYX6zT8i1XYwa/L1vZ3qSJISGVu8kRPikMv/cNSvki4j+qDYyZ2E5497W87+Ed46/8P42LNGoOV8OcX/ro6pAcbEPUdUEfkJrqi2YXbhvwIJ0gFMb6wfe5cnQew==
|1|A7sMLVqSKm8AEvGATQ3GZouz7P0=|0DBmzsnTXEBLg00EcB4CEY5/F50= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvehXYom8uMxoVm24UzeGE7SOVsWjZcqN5KxuPiJld4
                                                                                                                              
┌──(root㉿kali)-[~/.ssh]
└─#

@chinnidiwakar
Copy link

this is the default kali downloaded and using straight from kali.org website, and the same issue persists in 10 or more other kali's. so i dont even know where the issue is to fix.

@elboulangero
Copy link

@chinnidiwakar

The file ~/.ssh/config is what's causing the issue. You surely see that this file defines PubkeyAcceptedAlgorithms and HostkeyAlgorithms and Ciphers and KexAlgorithms, right? Hence those settings take precedence over what's in /etc/ssh/ssh_config.d/kali-wide-compat.conf. In other words, Kali Wide Compat settings are ignored.

So please remove the file ~/.ssh/config and maybe that will be enough to fix the issue.

Also, this file is not Kali's default, what's in ~/.ssh/ was added by you.

@chinnidiwakar
Copy link

Hi Sorry for delayed Response, and Thanks for Noticing, that config file is a small workaround that i found on the stackoverflow, and forgot to remove it later, as you explained it think it takes precedence and not taking my kali-tweaks modifications, i removed the file and now hydra could crack it just as expected, thanks for your time and support with all these back and forth, i will try to reexecute all the commands and will share the output for future reference. Thanks again.

@spiral009
Copy link

spiral009 commented Sep 29, 2023
edited
Loading 

[ERROR] could not connect to ssh://192.168.0.149:22 - kex error : no match for method server host key algo: server [ssh-dss], client [ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa]

Crackmapexec

ValueError: p must be exactly 1024, 2048, 3072, or 4096 bits long

I did the kali twaek
No ~/.ssh/config

root@localhost:~# ssh -G '*' | grep -i '^HostKeyAlgo' | cut -d' ' -f2- | sed 's/,/\n/g' | sort                                                                      ecdsa-sha2-nistp256                                                               [email protected]                                          ecdsa-sha2-nistp384                                                               [email protected]                                          ecdsa-sha2-nistp521                                                               [email protected]                                          rsa-sha2-256                                                                      [email protected]
rsa-sha2-512                                                                      [email protected]                                                 [email protected]                                       [email protected]                                                [email protected]                                               [email protected]                                                        ssh-dss                                                                           [email protected]                                                      ssh-ed25519                                                                       [email protected]
ssh-rsa                                                                           [email protected]                                                      [email protected]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@ClaudioVarandas @elboulangero @vanhauser-thc @chinnidiwakar @rickiey @spiral009 @godylockz