SSH compatibility
Tables that give configuration details for each profile.
Standard SSH protocols profile (since 23.3.0)
| Function | Algorithms |
|---|---|
| Key exchange |
sntrup761x25519-sha512@openssh.com curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 |
| Ciphers |
chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com |
| MACs |
umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com |
| Host Key Algorithms |
rsa-sha2-512 rsa-sha2-256 ssh-ed25519 |
Legacy SSH protocols profile (prior 23.3.0)
| Function | Algorithms |
|---|---|
| Key exchange |
curve25519-sha256@libssh.org diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group-exchange-sha256 |
| Ciphers |
chacha20-poly1305@openssh.com aes256-gcm@openssh.com aes128-gcm@openssh.com aes256-ctr aes192-ctr aes128-ctr |
| MACs |
hmac-sha2-256 hmac-sha2-512 hmac-sha2-512-etm@openssh.com hmac-sha2-256-etm@openssh.com umac-128-etm@openssh.com |
| Host Key Algorithms |
ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa ssh-ed25519 |
CCN SSH protocols profile
| Function | Algorithms |
|---|---|
| Key exchange |
ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group18-sha512 diffie-hellman-group16-sha512 |
| Ciphers |
aes256-gcm@openssh.com aes128-gcm@openssh.com aes256-ctr aes192-ctr aes128-ctr |
| MACs |
hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha2-256 hmac-sha2-512 |
| Host Key Algorithms |
ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ecdsa-sha2-nistp256 |
For more details, see Supported SSH protocols in FIPS mode.