HELP: Modify preferred algorithms lists for handshake TYPE: OBJECT SYNTAX: ALGORITHMS(KEX='str',HOSTKEYS='str',CIPHERS_CS='str',CIPHERS_SC='str',COMPRESS_CS='str',COMPRESS_SC='str',HMAC_CS='str',HMAC_SC='str')
SSH clients and servers support various cryptographic algorithms to secure an SSH connection. In the handshake phase at the beginning of each SSH connection, both parties negotiate the algorithms that will be used for this connection. For this purpose, client and server exchange multiple lists of their respective supported algorithms for each type of algorithm. The algorithm lists are sent in order of preference. In other words, putting an algorithm at the beginning of the list is a suggestion to the other party to prefer this algorithm over others. Algorithms that do not appear in the list cannot be negotiated.
The algos
object can be used to specify custom lists of acceptable /
preferred algorithms. Each list is a comma-separated string of one or
more of the supported algorithms. Unsupported algorithms are silently
ignored. Algorithm lists specified via algos
object override those
specified in any SSH config file.
The handshake will fail if none of the specified algorithms is supported by the server.
Preferences for the following algorithm types can be customized:
To get a list of algorithms supported by the libssh library (shipped
with FLAM), connect to any existing SSH server with verbose logging
enabled (net.ssh(verbosity=all)
) and without specifying the algos
object. (For example:
flcl info "get.file=ssh://example.com/anypath net.ssh(verbosity=all)"
)
Look for a line containing "Changing host key method to" to find the
default algorithm lists (which might already be modified by your SSH
configuration files). The relevant log output looks similar to this:
PACKET (ssh_client_select_hostkeys) ssh_client_select_hostkeys: Changing host key method to "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss" FUNCTION (ssh_list_kex) ssh_list_kex: kex algos: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512, diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c FUNCTION (ssh_list_kex) ssh_list_kex: server host key algo: ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss FUNCTION (ssh_list_kex) ssh_list_kex: encryption client->server: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc FUNCTION (ssh_list_kex) ssh_list_kex: encryption server->client: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc FUNCTION (ssh_list_kex) ssh_list_kex: mac algo client->server: hmac-sha2-256,hmac-sha2-512,hmac-sha1 FUNCTION (ssh_list_kex) ssh_list_kex: mac algo server->client: hmac-sha2-256,hmac-sha2-512,hmac-sha1 FUNCTION (ssh_list_kex) ssh_list_kex: compression algo client->server: none FUNCTION (ssh_list_kex) ssh_list_kex: compression algo server->client: none
There is another list in the log containing the algorithms supported by the server.
For some algorithms, HW-accelerated cipher and hash functions are used, reducing CPU utilization for cryptographic operations considerably.
On IBM Z hardware, the appropriate CPACF Message Security Assist (MSA) extensions must be available and enabled. The supported MSA version determines which algorithms are implemented in hardware. This is detected automatically during SSH connection establishment. The appropriate implementation is used by default to accelerate data encryption with AES as well as HMAC computation based on MD5, SHA-1 and SHA-2.
On other platforms, the hardware accleration implementation of OpenSSL is used transparently.
STRING: KEX='str' - Preferred key exchange algorithms (comma-separated)
STRING: HOSTKEYS='str' - Acceptable hostkey algorithms (comma-separated)
STRING: CIPHERS_CS='str' - Preferred cipher algorithms client-to-server (comma-separated)
STRING: CIPHERS_SC='str' - Preferred cipher algorithms server-to-client (comma-separated)
STRING: COMPRESS_CS='str' - Preferred compression algorithms client-to-server (comma-separated)
STRING: COMPRESS_SC='str' - Preferred compression algorithms server-to-client (comma-separated)
STRING: HMAC_CS='str' - Preferred HMAC algorithms client-to-server (comma-separated)
STRING: HMAC_SC='str' - Preferred HMAC algorithms server-to-client (comma-separated)