
How can I determine the supported MACs, Ciphers, Key length and KexAlgorithms supported by my ssh servers?

I need to create a list for an external security audit. I'm looking for something similar to openssl s_client -connect example.com:443 -showcerts. From my research, ssh uses the default ciphers listed in man sshd_config. However, I need a solution I can use in a script, and man sshd_config does not list information about key length. I need to correct myself here: you can specify ServerKeyBits in sshd_config.

I guess that ssh -vv localhost &> ssh_connection_specs.out returns the information I need, but I'm not sure if the listed ciphers are the ciphers supported by the client or by the server. Also, I'm not sure how to run this non-interactively in a script.

Is there a convenient way to get SSH connection information?

Henrik Pingel
    It turned out that `sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"` as suggested by @Jakuje works only on RHEL7 hosts, but not RHEL6. I ended up using `nmap --script SSH2-hostkey localhost` and `nmap --script ssh-hostkey localhost` – Henrik Pingel Nov 11 '15 at 09:48
  • `ssh -vv` outputs the supported functionality as client to server (ctos) and server to client (stoc). However, it seems that those outputs are limited to what both sides support, making them less useful for a security audit. – Moshe Dec 19 '19 at 18:21

2 Answers


How can I determine the supported MACs, Ciphers, Key length and KexAlgorithms supported by my ssh servers?

It looks like the answer on https://superuser.com/a/1219759/173408 is also an answer to your question. It fits in one line:

nmap --script ssh2-enum-algos -sV -p 22 1.2.3.4

Here is the output on a plain Debian 9.4 machine with current SSH version:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-22 13:40 CEST
Nmap scan report for 1.2.3.4
Host is up (0.00024s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4p1 Debian 10+deb9u3 (protocol 2.0)
| ssh2-enum-algos: 
|   kex_algorithms: (10)
|       curve25519-sha256
|       curve25519-sha256@libssh.org
|       ecdh-sha2-nistp256
|       ecdh-sha2-nistp384
|       ecdh-sha2-nistp521
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group16-sha512
|       diffie-hellman-group18-sha512
|       diffie-hellman-group14-sha256
|       diffie-hellman-group14-sha1
|   server_host_key_algorithms: (5)
|       ssh-rsa
|       rsa-sha2-512
|       rsa-sha2-256
|       ecdsa-sha2-nistp256
|       ssh-ed25519
|   encryption_algorithms: (6)
|       chacha20-poly1305@openssh.com
|       aes128-ctr
|       aes192-ctr
|       aes256-ctr
|       aes128-gcm@openssh.com
|       aes256-gcm@openssh.com
|   mac_algorithms: (10)
|       umac-64-etm@openssh.com
|       umac-128-etm@openssh.com
|       hmac-sha2-256-etm@openssh.com
|       hmac-sha2-512-etm@openssh.com
|       hmac-sha1-etm@openssh.com
|       umac-64@openssh.com
|       umac-128@openssh.com
|       hmac-sha2-256
|       hmac-sha2-512
|       hmac-sha1
|   compression_algorithms: (2)
|       none
|_      zlib@openssh.com
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds

You miss a few points in your question:

  • What is your openssh version? It can differ a bit over the versions.
  • ServerKeyBits is an option for protocol version 1, which you have hopefully disabled!

Supported Ciphers, MACs and KexAlgorithms are always available in the manual, and this doesn't have anything in common with key lengths.

Enabled Ciphers, MACs and KexAlgorithms are the ones that are offered during a connection, as you point out. But they can also be obtained in other ways, for example using sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"

To get the key length of your server key(s), you can use ssh-keygen: ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub

But you will probably also want the moduli sizes that are offered and used during the key exchange. That really depends on the key exchange method, but it should also be readable from the debug output of ssh -vvv host.

Jakuje
    Thanks. It turned out that `sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"` worked only on my RHEL7 hosts, but not RHEL6. I ended up using `nmap --script SSH2-hostkey localhost` and `nmap --script ssh-hostkey localhost` – Henrik Pingel Nov 11 '15 at 09:46
    RHEL6 host with latest openssh update should have it fixed as well. – Jakuje Nov 11 '15 at 09:47
  • Damn, you are right about that. I only checked on an outdated VM ... thanks – Henrik Pingel Nov 11 '15 at 09:49
  • sshd -T will only offer information about the ciphers configured in the sshd_config file, not what can indeed be added to it as being supported by the binary – Daniel J. Jan 09 '19 at 10:21
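As an added example, not code from either answer or from nmap: a small standard-library Python probe that reads the server's SSH_MSG_KEXINIT directly, which is the same message nmap's ssh2-enum-algos reports from and which, unlike sshd -T, shows what the running server actually offers to any client. It assumes the host is given on the command line (port 22 by default); the KEXINIT payload used for the offline check is constructed with the build_kexinit helper, not captured from a real server.

```python
import socket
import struct
import sys

SSH_MSG_KEXINIT = 20
# The ten name-lists of a KEXINIT, in wire order (RFC 4253 section 7.1).
NAME_LISTS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)

def parse_kexinit(payload: bytes) -> dict:
    """Decode a KEXINIT payload: type byte, 16-byte cookie, then ten name-lists."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, result = 17, {}  # skip the message type and the random cookie
    for name in NAME_LISTS:
        (length,) = struct.unpack(">I", payload[pos:pos + 4])
        raw = payload[pos + 4:pos + 4 + length].decode("ascii")
        result[name] = raw.split(",") if raw else []
        pos += 4 + length
    return result

def build_kexinit(lists: dict) -> bytes:
    """Inverse of parse_kexinit, so the parser can be exercised on constructed input."""
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16  # constructed all-zero cookie
    for name in NAME_LISTS:
        raw = ",".join(lists.get(name, [])).encode("ascii")
        body += struct.pack(">I", len(raw)) + raw
    return body + b"\x00" + b"\x00\x00\x00\x00"  # first_kex_packet_follows, reserved

def fetch_kexinit(host: str, port: int = 22, timeout: float = 5.0) -> dict:
    """Connect, exchange version strings, and return the server's offered algorithms."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("rb")
        line = stream.readline()  # servers may send text lines before "SSH-..."
        while line and not line.startswith(b"SSH-"):
            line = stream.readline()
        sock.sendall(b"SSH-2.0-kexinit_probe\r\n")
        packet_len, padding_len = struct.unpack(">IB", stream.read(5))  # packet header
        payload = stream.read(packet_len - padding_len - 1)  # no MAC before key exchange
        return parse_kexinit(payload)

if __name__ == "__main__":
    for section, algos in fetch_kexinit(sys.argv[1]).items():
        print(f"{section}: {', '.join(algos)}")
```

Run it as `python3 probe.py localhost` for each host in the audit; the output is the server's own offer list, so entries such as diffie-hellman-group14-sha1 or hmac-sha1 from the nmap output above would appear regardless of what the probing client supports.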