Generate a SSH pair with AES-256-CBC
You do not generate the key used by aes
when you use ssh-keygen
. Since aes
is a symmetric cipher, its keys do not come in pairs. Both ends of the communication use the same key.
The key generated by ssh-keygen uses public key cryptography for authentication. From the ssh-keygen
manual:
ssh-keygen generates, manages and converts authentication keys for
ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1
and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
From the ssh
manual:
Public key authentication works as follows: The scheme is based on
public-key cryptography, using cryptosystems where encryption and
decryption are done using separate keys, and it is unfeasible to derive
the decryption key from the encryption key. The idea is that each user
creates a public/private key pair for authentication purposes. The
server knows the public key, and only the user knows the private key.
ssh implements public key authentication protocol automatically, using
one of the DSA, ECDSA, Ed25519 or RSA algorithms.
The problem with public key cryptography is that it is quite slow. Symmetric key cryptography is much faster and is used by ssh
for the actual data transfer. The key used for the symmetric cryptography is generated on the fly after the connection was established (quoting from the sshd
manual):
For protocol 2, forward security is provided through a Diffie-Hellman key
agreement. This key agreement results in a shared session key. The rest
of the session is encrypted using a symmetric cipher, currently 128-bit
AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The
client selects the encryption algorithm to use from those offered by the
server. Additionally, session integrity is provided through a
cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64,
umac-128, hmac-ripemd160, hmac-sha2-256 or hmac-sha2-512).
If you wish to use aes256-cbc
you need to specify it on the command line using the -c option, in its most basic form this would look like this:
$ ssh -c aes256-cbc user@host
You can also specify your preferred selection of ciphers in ssh_config
, using a comma-separated list. Tinkering with the defaults, is, however, not recommended since this is best left to the experts. There are lots of considerations and years of experience that went into the choice of defaults by the OpenSSH developers.