I connect to a Linux machine (CentOS 6.4) using PuTTY. Apart from the fact that I can set PuTTY to only use one type of protocol, how can I find the current SSH connection's version (SSH1 or SSH2)?
It can help to show what research you've already done – Drew Khoury Oct 12 '13 at 08:34
@DrewKhoury I only tried with Google to find an answer to this, but found no result regarding this. No one explains how I can see the current connection's (in use) protocol (ssh1 or ssh2). – codiac Oct 12 '13 at 10:20
8 Answers
Once you are in, you say:
ssh -v localhost
It will tell you the exact version of the server.
An alternative way.
As cstamas suggested, you can use `ssh -v localhost`. You simply ssh to yourself (127.0.0.1) in verbose mode, which will display debugging messages of the progress. Yes, through this process you can look at the top of the communication and you can get the SSH version that you are currently running.
But if you read the `ssh` man page, you will find the `-V` option of `ssh` more useful. Taken from the `ssh` man page:
-V Display the version number and exit.
-v Verbose mode. Causes ssh to print debugging messages about its progress. This is helpful in debugging connection, authentication, and configuration problems. Multiple -v options increase the verbosity. The maximum is 3.
So I think it would be better to simply do `ssh -V` and get something similar to:
> ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
That's the version of the _program_, not the protocol used for a connection. As a 3-year earlier answer correctly explained, the very same program can support both SSH1 and SSH2 protocols, or not, depending on configuration. – dave_thompson_085 Mar 01 '18 at 09:35
PuTTY
In Session, Logging, select the "SSH packets and raw data" radio button. Select the log file as putty.log in a location of your choice. Make the connection. You should see:
Event Log: Server version: SSH-2.0-OpenSSH_5.3
Event Log: Using SSH protocol version 2
See below for details on what SSH-2.0 means.
Other Methods
You could also try using the telnet client, but point to port 22:
telnet test1 22
When you connect you will see:
Trying 192.168.144.145...
Connected to test1.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3
The last line is the one to look for:
SSH-2.0-OpenSSH_5.3
If it says `SSH-2.0` then that is good, the SSH server you connected to supports only SSH protocol version 2. It will not support connections from SSH V1 protocol clients.
If however you see:
SSH-1.99-OpenSSH_5.3
Then that means that the server end is still supporting SSH protocol version 1. It has something like this in its `sshd_config` file:
Protocol 1,2
Protocol 1 is vulnerable and should not be used.
So to get that straight. If you see SSH-2 when you telnet to port 22 of the remote server then you can only be using SSH protocol version 2 as the server does not support protocol 1.
As per cstamas' answer above, the `-v` flag will show a line:
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.3
or:
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
You want to see version `2.0` there.
Re *"...is still supporting SSL protocol..."*: Do you mean *"...is still supporting SSH protocol..."*? – Peter Mortensen Jun 07 '20 at 18:43
I like this better:
$ echo ~ | nc localhost 22
SSH-1.99-OpenSSH_3.9p1
Protocol mismatch.
$
The benefit here is that it can be done programmatically since the connection isn't held open. For Python, try:
import re
ssh_protocol = float(re.search(r"SSH-(\d\.\d+)", banner).group(1))  # banner: the line the server sent
You can get this pretty quickly using netcat from your local machine, for example:
$ nc [IP_ADDRESS] 22
SSH-2.0-OpenSSH_5.3
Yep. `"SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6"` for an old Raspberry Pi (internal). I also got the exact same result as you for some web hosting ([Red Hat Linux](https://en.wikipedia.org/wiki/Red_Hat_Linux) based?). – Peter Mortensen Jun 07 '20 at 18:51
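The banner check that the telnet, `nc` and Python answers above describe, written out as an added example (not code from any of the answers). It parses the identification string as RFC 4253 lays it out and treats `1.99` as "SSH-1 and SSH-2 both offered"; the function names `parse_banner` and `read_banner` are chosen here for illustration.

```python
import re
import socket

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments"
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")


def parse_banner(line):
    """Split an SSH identification string and report which protocols it offers."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        raise ValueError("not an SSH identification string: %r" % line)
    proto, software, comments = m.groups()
    if proto == "2.0":
        offered = {2}
    elif proto == "1.99":            # SSH-2 server that still accepts SSH-1 clients
        offered = {1, 2}
    elif proto.startswith("1."):
        offered = {1}
    else:
        raise ValueError("unexpected protoversion %s" % proto)
    return {"protoversion": proto, "software": software, "comments": comments,
            "offered": offered, "ssh1_enabled": 1 in offered}


def read_banner(host, port=22, timeout=5.0):
    """Connect, read lines until the one starting with 'SSH-', then disconnect."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with sock.makefile("rb") as stream:
            for _ in range(20):      # a server may send other lines before its banner
                raw = stream.readline(1024)
                if not raw:
                    break
                text = raw.decode("ascii", "replace")
                if text.startswith("SSH-"):
                    return text.rstrip("\r\n")
    raise ConnectionError("no SSH identification string from %s:%d" % (host, port))


if __name__ == "__main__":
    import sys
    info = parse_banner(read_banner(sys.argv[1]))
    print(info["protoversion"], info["software"],
          "SSH-1 still enabled" if info["ssh1_enabled"] else "SSH-2 only")
```

A `2.0` banner settles the question for the current session; with `1.99` the banner alone cannot say which protocol a given connection negotiated.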
To get more details you can use this:
rpm -qi openssh
Name : openssh
Version : 7.4p1
Release : 21.el7
Architecture: x86_64
Install Date: Пт 17 янв 2020 12:21:57
Group : Applications/Internet
Size : 1991172
License : BSD
Signature : RSA/SHA256, Пт 23 авг 2019 00:37:23, Key ID 24c6a8a7f4a80eb5
Source RPM : openssh-7.4p1-21.el7.src.rpm
Build Date : Пт 09 авг 2019 04:40:49
Build Host : x86-01.bsys.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol versions 1 and 2
One can try to log in using `ssh -1`, and shall be rejected if this version is disabled:
$ ssh -1 user@server_name
SSH protocol v.1 is no longer supported
SSH 2 shall be accepted:
$ ssh -2 user@server_name
The only method I am aware of requires that one has sufficient privileges to view the ssh log entries in `/var/log/auth.log`.
$ echo $SSH_CONNECTION
127.0.0.1 12375 127.0.0.1 22
The first and second fields of the `SSH_CONNECTION` variable indicate the source IP address and source port of my connection. By `grep`-ing for those values in `/var/log/auth.log`, I can find the log entry from when my SSH connection was authenticated.
$ sudo grep -F ' from 127.0.0.1 port 12375 ' /var/log/auth.log | grep ssh
Jun 26 16:29:52 morton sshd[20895]: Accepted keyboard-interactive/pam for jim from 127.0.0.1 port 12375 ssh2
This log entry tells me that my current connection is using the SSH 2 protocol. Of course, if the `ssh` session has been open for several days, the log entry may be in `/var/log/auth.log.0` or some older `auth.log` file.
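The `SSH_CONNECTION` lookup from the last answer, as an added example that is not part of that answer: it also walks rotated and gzipped logs and keeps the newest matching entry, since a client port can be reused. The function names and the extra log lines in `SAMPLE_LOG` are constructed for illustration.

```python
import glob
import gzip
import os
import re

# Constructed sample: the first entry is the one quoted in the answer; the
# other two are made up (a failed login, and a later login reusing the port).
SAMPLE_LOG = [
    "Jun 26 16:29:52 morton sshd[20895]: Accepted keyboard-interactive/pam for jim from 127.0.0.1 port 12375 ssh2",
    "Jun 26 16:31:07 morton sshd[20951]: Failed password for jim from 127.0.0.1 port 12390 ssh2",
    "Jun 27 09:02:11 morton sshd[21544]: Accepted publickey for jim from 127.0.0.1 port 12375 ssh2",
]

ACCEPTED_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<ip>\S+) port (?P<port>\d+)(?: (?P<proto>ssh\d))?")


def client_endpoint(ssh_connection):
    """First two fields of SSH_CONNECTION: client address and client port."""
    fields = ssh_connection.split()
    if len(fields) != 4:
        raise ValueError("SSH_CONNECTION should have 4 fields: %r" % ssh_connection)
    return fields[0], fields[1]


def find_login(lines, ip, port):
    """Return the newest 'Accepted' entry for this client ip/port, or None."""
    hit = None
    for line in lines:
        m = ACCEPTED_RE.search(line)
        if m and m.group("ip") == ip and m.group("port") == port:
            hit = m.groupdict()      # later lines win: the port may have been reused
    return hit


def read_logs(pattern="/var/log/auth.log*"):
    """Yield lines from the log and its rotated copies, oldest file first."""
    for path in sorted(glob.glob(pattern), key=os.path.getmtime):
        opener = gzip.open if path.endswith(".gz") else open
        with opener(path, "rt", errors="replace") as fh:
            yield from fh


if __name__ == "__main__":
    ip, port = client_endpoint(os.environ["SSH_CONNECTION"])
    entry = find_login(read_logs(), ip, port)
    print(entry["proto"] if entry else "no matching login found")
```

On CentOS and other Red Hat style systems sshd logs to `/var/log/secure`, so pass `"/var/log/secure*"` as the pattern there; reading either file needs root.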