How can I list MACs, Ciphers and KexAlogrithms supported by my ssh server?

Solution 1:

You miss few points in your question:

  • What is your openssh version? It can differ a bit over the versions.
  • ServerKeyBits is option for protocol version 1, which you have hopefully disabled!

Supported Ciphers, MACs and KexAlgorithms are always available in manual and this doesn't have anything in common with key lengths.

Enabled Chiphers, MACs and KexAlgorithms are the ones that are offered using connection as you point out. But they can be gained also in other ways, for example using sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"

To get the key length of your server key(s), you can use ssh-keygen: ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub

but you will probably want also the moduli sizes that are offered and used during the key exchange, but it really depends on the key exchange method, but it should be also readable from debug output ssh -vvv host.

Solution 2:

How can I determine the supported MACs, Ciphers, Key length and KexAlogrithms supported by my ssh servers?

It looks like the answer on https://superuser.com/a/1219759/173408 is also an answer to your question. It fits in one line:

nmap --script ssh2-enum-algos -sV -p 22 1.2.3.4

Here is the output on a plain Debian 9.4 machine with current SSH version:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-22 13:40 CEST
Nmap scan report for 1.2.3.4
Host is up (0.00024s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4p1 Debian 10+deb9u3 (protocol 2.0)
| ssh2-enum-algos: 
|   kex_algorithms: (10)
|       curve25519-sha256
|       [email protected]
|       ecdh-sha2-nistp256
|       ecdh-sha2-nistp384
|       ecdh-sha2-nistp521
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group16-sha512
|       diffie-hellman-group18-sha512
|       diffie-hellman-group14-sha256
|       diffie-hellman-group14-sha1
|   server_host_key_algorithms: (5)
|       ssh-rsa
|       rsa-sha2-512
|       rsa-sha2-256
|       ecdsa-sha2-nistp256
|       ssh-ed25519
|   encryption_algorithms: (6)
|       [email protected]
|       aes128-ctr
|       aes192-ctr
|       aes256-ctr
|       [email protected]
|       [email protected]
|   mac_algorithms: (10)
|       [email protected]
|       [email protected]
|       [email protected]
|       [email protected]
|       [email protected]
|       [email protected]
|       [email protected]
|       hmac-sha2-256
|       hmac-sha2-512
|       hmac-sha1
|   compression_algorithms: (2)
|       none
|_      [email protected]
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds

Tags:

Linux

Ssh

Audit