I was doing some testing were I needed to test an SSH server’s support for various key exchange algorithms. I know PuTTY for Windows supports the configuration of key exchange algorithms, but I was testing in a Command Line only VM environment that already had a number of Linux clients running. It’s not obvious from the ssh man page or my searches (I found one site that said it’s not possible), it turns out to be almost as straightforward as setting your cipher or MAC algorithm. Just use the
-o KexAlgorithms=<comma_separated_list_of_algorithms> option.
<comma_separated_list_of_algorithms> can be any of the following:
- ecdh-sha2-nistp256 – (elliptic curve nist-p256), limited support.
- ecdh-sha2-nistp384 – (elliptic curve nist-p384), limited support.
- ecdh-sha2-nistp521 – (elliptic curve nist-p512), limited support.
- diffie-hellman-group-exchange-sha256 – (discrete log bits are negotiated), limited support.
- diffie-hellman-group-exchange-sha1 – (discrete log bits are negotiated), limited support.
- diffie-hellman-group14-sha1 – (discrete log 2048 bits), should be good for now, and widely supported.
- diffie-hellman-group1-sha1 – (discrete log 768 bits), might not be strong enough, but widely supported.
Note: The elliptic curve algorithms are believed to be as strong or stronger than the standard Diffie-Hellman discrete log cryptography; however, they are newer and have not been as thoroughly analyzed.
Example: ssh -o KexAlgorithms=diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384 email@example.com