Skip to content

Instantly share code, notes, and snippets.

@koobs
Last active December 30, 2023 20:31
  • Star 108 You must be signed in to star a gist
  • Fork 7 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save koobs/e01cf8869484a095605404cd0051eb11 to your computer and use it in GitHub Desktop.
FreeBSD SSH Hardening

FreeBSD SSH Hardening

Hi HN! Note: this is less a guide and more to use the same instructions as those in the guides at https://www.ssh-audit.com/hardening_guides.html in order to submit it for inclusion there. Having said that, and based on feedback already, we'll probably look to more fully flesh it out.

This might all look scary, but dont worry, instructions for backing up your ssh configuration and reverting change are included. Have fun, and if you're unsure, reach out for help or questions @ #freebsd libera IRC or Twitter #freebsd.

If you are running this hardening script and reporting results back here, it is important for validation purposes that the instructions are copied verbatim, as they will be sent upstream. Please copy-paste commands, rather than manually typing them.

Not doing so may result in an undefined system state. If errors occur, please report tham to koobs @ Libera Chat IRC.

Backup ssh config, install ssh-audit

  1. sudo -s # we need root for most of this (doas is OK too)
  2. cp -Rp /etc/ssh /etc/ssh.bak # backup ssh config just in case
  3. portmaster security/py-ssh-audit # install ssh-audit (pkg add or make install is fine too)
  4. rehash

Enable and start sshd, then run ssh-audit, saving the output

  1. sysrc sshd_enable="yes"
  2. service sshd start
  3. uname -a > ~/ssh-audit.out
  4. ssh-audit --no-colors localhost >> ~/ssh-audit.out

Remove existing key-pairs, disable DSA/ECDSA, regenerate RSA/ED25519

rm /etc/ssh/ssh_host_*
sysrc sshd_dsa_enable="no"
sysrc sshd_ecdsa_enable="no"
sysrc sshd_ed25519_enable="yes"
sysrc sshd_rsa_enable="yes"
service sshd keygen

Remove Diffie-Hellman moduli smaller than 3071

awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.safe
mv /etc/ssh/moduli.safe /etc/ssh/moduli

Disable DSA and ECDSA host keys, enable RSA ed25519 host keys

sed -i .bak 's/^HostKey \/etc\/ssh\/ssh_host_\(dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g; s/^#HostKey \/etc\/ssh\/ssh_host_\(rsa\|ed25519\)_key$/\HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config

Restrict supported key exchange, cipher, and MAC algorithms

printf "\n# Restrict key exchange, cipher, and MAC algorithms, as per sshaudit.com\n# hardening guide.\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\nMACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\nHostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com" >> /etc/ssh/sshd_config

Restart sshd and run ssh-audit again, appending output

  1. service sshd restart
  2. ssh-audit --no-colors localhost >> ~/ssh-audit.out

Report results

  • Add contents of ~/ssh-audit.out as a comment to this gist, OR...
  • Send (pastebin) the contents of ~/ssh-audit.out to koobs @ Libera Chat IRC

If you want to revert the SSH configuration

  1. rm -rf /etc/ssh
  2. mv /etc/ssh.bak /etc/ssh
  3. sysrc -x sshd_dsa_enable
  4. sysrc -x sshd_ecdsa_enable
  5. sysrc -x sshd_ed25519_enable
  6. sysrc -x sshd_rsa_enable
  7. service sshd restart

If you weren't running ssh before this guide, additionally run:

  1. sysrc -x sshd_enable
  2. service sshd stop
@jlduran
Copy link

jlduran commented Sep 14, 2021

FreeBSD 13.0-RELEASE

# general
(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp384                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53

# host-key algorithms
(key) rsa-sha2-512 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) ssh-rsa (2048-bit)                    -- [fail] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
                                            `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
(key) ecdsa-sha2-nistp256                   -- [fail] using weak elliptic curves
                                            `- [warn] using weak random number generator could reveal the key
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2

# message authentication code algorithms
(mac) umac-64-etm@openssh.com               -- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha1-etm@openssh.com             -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 6.2
(mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 4.7
(mac) umac-128@openssh.com                  -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha2-512                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28

# fingerprints
(fin) ssh-ed25519: SHA256:n91fAOBnxLDtlG4mYthD9xl6x0X8nJWfQJMdOXYDpfM
(fin) ssh-rsa: SHA256:LRNOFOXxPGE6jkg4wN2LmzYX/NrqbKBfovMm80Pvlws

# algorithm recommendations (for OpenSSH 7.9)
(rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp256                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp384                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp521                   -- kex algorithm to remove 
(rec) -ecdsa-sha2-nistp256                  -- key algorithm to remove 
(rec) -hmac-sha1                            -- mac algorithm to remove 
(rec) -hmac-sha1-etm@openssh.com            -- mac algorithm to remove 
(rec) -hmac-sha2-256                        -- mac algorithm to remove 
(rec) -hmac-sha2-512                        -- mac algorithm to remove 
(rec) -ssh-rsa                              -- key algorithm to remove 
(rec) -umac-128@openssh.com                 -- mac algorithm to remove 
(rec) -umac-64-etm@openssh.com              -- mac algorithm to remove 
(rec) -umac-64@openssh.com                  -- mac algorithm to remove 

# additional info
(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>

# general
(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4

# host-key algorithms
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

# message authentication code algorithms
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2

# fingerprints
(fin) ssh-ed25519: SHA256:3Vp/ma6PaiRaBOfQRu0MqYdXvpBABSmyHhVMiH7MgTw

# algorithm recommendations (for OpenSSH 7.9)
(rec) +diffie-hellman-group14-sha256        -- kex algorithm to append 
(rec) +rsa-sha2-256                         -- key algorithm to append 
(rec) +rsa-sha2-512                         -- key algorithm to append 

FreeBSD cirrus-task-5323190432956416 13.0-RELEASE FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr  9 04:24:09 UTC 2021     root@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC  amd64

FreeBSD 11.4-RELEASE

# general
(gen) banner: SSH-2.0-OpenSSH_7.5 FreeBSD-20170903
(gen) software: OpenSSH 7.5 running on FreeBSD (2017-09-03)
(gen) compatibility: OpenSSH 7.4+ (some functionality from 6.6), Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# security
(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp384                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53

# host-key algorithms
(key) ssh-rsa (2048-bit)                    -- [fail] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
                                            `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
(key) rsa-sha2-512 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) ecdsa-sha2-nistp256                   -- [fail] using weak elliptic curves
                                            `- [warn] using weak random number generator could reveal the key
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) arcfour256                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
                                            `- [warn] using weak cipher
                                            `- [info] available since OpenSSH 4.2
(enc) arcfour128                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
                                            `- [warn] using weak cipher
                                            `- [info] available since OpenSSH 4.2
(enc) aes128-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] using weak cipher mode
                                            `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
(enc) 3des-cbc                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.4, unsafe algorithm
                                            `- [warn] using weak cipher
                                            `- [warn] using weak cipher mode
                                            `- [warn] using small 64-bit block size
                                            `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28

# message authentication code algorithms
(mac) umac-64-etm@openssh.com               -- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha1-etm@openssh.com             -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 6.2
(mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 4.7
(mac) umac-128@openssh.com                  -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha2-512                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28

# fingerprints
(fin) ssh-ed25519: SHA256:9Sf/zWOHty/xMCqsb68MlG3+99KASg7kCEOnBOHc3Ik
(fin) ssh-rsa: SHA256:48cggI7pVRFVMHtGTU7pJ2Xjzi7wQKlpWObN/yJSZBw

# algorithm recommendations (for OpenSSH 7.5)
(rec) +aes128-gcm@openssh.com               -- enc algorithm to append 
(rec) +aes256-gcm@openssh.com               -- enc algorithm to append 
(rec) +chacha20-poly1305@openssh.com        -- enc algorithm to append 
(rec) -3des-cbc                             -- enc algorithm to remove 
(rec) -aes128-cbc                           -- enc algorithm to remove 
(rec) -arcfour128                           -- enc algorithm to remove 
(rec) -arcfour256                           -- enc algorithm to remove 
(rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp256                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp384                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp521                   -- kex algorithm to remove 
(rec) -ecdsa-sha2-nistp256                  -- key algorithm to remove 
(rec) -hmac-sha1                            -- mac algorithm to remove 
(rec) -hmac-sha1-etm@openssh.com            -- mac algorithm to remove 
(rec) -hmac-sha2-256                        -- mac algorithm to remove 
(rec) -hmac-sha2-512                        -- mac algorithm to remove 
(rec) -ssh-rsa                              -- key algorithm to remove 
(rec) -umac-128@openssh.com                 -- mac algorithm to remove 
(rec) -umac-64-etm@openssh.com              -- mac algorithm to remove 
(rec) -umac-64@openssh.com                  -- mac algorithm to remove 

# additional info
(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>

# general
(gen) banner: SSH-2.0-OpenSSH_7.5 FreeBSD-20170903
(gen) software: OpenSSH 7.5 running on FreeBSD (2017-09-03)
(gen) compatibility: OpenSSH 7.4+ (some functionality from 6.6), Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# security
(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4

# host-key algorithms
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) arcfour256                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
                                            `- [warn] using weak cipher
                                            `- [info] available since OpenSSH 4.2
(enc) arcfour128                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
                                            `- [warn] using weak cipher
                                            `- [info] available since OpenSSH 4.2
(enc) aes128-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] using weak cipher mode
                                            `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
(enc) 3des-cbc                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
                                            `- [warn] disabled (in client) since OpenSSH 7.4, unsafe algorithm
                                            `- [warn] using weak cipher
                                            `- [warn] using weak cipher mode
                                            `- [warn] using small 64-bit block size
                                            `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28

# message authentication code algorithms
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2

# fingerprints
(fin) ssh-ed25519: SHA256:gBFzQbDIcE6gZ9QWfRgrH0O0E7lpVT9PpmVRfTxtk+w

# algorithm recommendations (for OpenSSH 7.5)
(rec) +aes128-gcm@openssh.com               -- enc algorithm to append 
(rec) +aes256-gcm@openssh.com               -- enc algorithm to append 
(rec) +chacha20-poly1305@openssh.com        -- enc algorithm to append 
(rec) +diffie-hellman-group14-sha256        -- kex algorithm to append 
(rec) +rsa-sha2-256                         -- key algorithm to append 
(rec) +rsa-sha2-512                         -- key algorithm to append 
(rec) -3des-cbc                             -- enc algorithm to remove 
(rec) -aes128-cbc                           -- enc algorithm to remove 
(rec) -arcfour128                           -- enc algorithm to remove 
(rec) -arcfour256                           -- enc algorithm to remove 

# additional info
(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>

FreeBSD cirrus-task-5041715456245760 11.4-RELEASE FreeBSD 11.4-RELEASE #0 r362094: Fri Jun 12 18:27:15 UTC 2020     root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64

Copy link

ghost commented Sep 14, 2021

FreeBSD haiku 13.0-RELEASE-p4 FreeBSD 13.0-RELEASE-p4 #0: Tue Aug 24 07:33:27 UTC 2021 root@amd64-builder.daemonology.net:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64

# general
(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp384                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521                    -- [fail] using weak elliptic curves
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53

# host-key algorithms
(key) rsa-sha2-512 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 (2048-bit)               -- [info] available since OpenSSH 7.2
(key) ssh-rsa (2048-bit)                    -- [fail] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
                                            `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
(key) ecdsa-sha2-nistp256                   -- [fail] using weak elliptic curves
                                            `- [warn] using weak random number generator could reveal the key
                                            `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2

# message authentication code algorithms
(mac) umac-64-etm@openssh.com               -- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha1-etm@openssh.com             -- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 6.2
(mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using small 64-bit tag size
                                            `- [info] available since OpenSSH 4.7
(mac) umac-128@openssh.com                  -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha2-512                         -- [warn] using encrypt-and-MAC mode
                                            `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
                                            `- [warn] using weak hashing algorithm
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28

# fingerprints
(fin) ssh-ed25519: SHA256:26aehIB7TaODzSeD33/rcN6F2GEYxUBuNTwESROjubY
(fin) ssh-rsa: SHA256:K/ba0aDzdetjtRz1UFzmWz437/N0PWfoRLypYDAdXbI

# algorithm recommendations (for OpenSSH 7.9)
(rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp256                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp384                   -- kex algorithm to remove 
(rec) -ecdh-sha2-nistp521                   -- kex algorithm to remove 
(rec) -ecdsa-sha2-nistp256                  -- key algorithm to remove 
(rec) -hmac-sha1                            -- mac algorithm to remove 
(rec) -hmac-sha1-etm@openssh.com            -- mac algorithm to remove 
(rec) -hmac-sha2-256                        -- mac algorithm to remove 
(rec) -hmac-sha2-512                        -- mac algorithm to remove 
(rec) -ssh-rsa                              -- key algorithm to remove 
(rec) -umac-128@openssh.com                 -- mac algorithm to remove 
(rec) -umac-64-etm@openssh.com              -- mac algorithm to remove 
(rec) -umac-64@openssh.com                  -- mac algorithm to remove 

# additional info
(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>

# general
(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4

# host-key algorithms
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

# message authentication code algorithms
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2

# fingerprints
(fin) ssh-ed25519: SHA256:cl/tEbc658wAtZVIZ13VtFUNE8NIyh+B8NOzJN9Eq+k

# algorithm recommendations (for OpenSSH 7.9)
(rec) +diffie-hellman-group14-sha256        -- kex algorithm to append 
(rec) +rsa-sha2-256                         -- key algorithm to append 
(rec) +rsa-sha2-512                         -- key algorithm to append 

@parv
Copy link

parv commented Sep 14, 2021

FreeBSD gaia 13.0-STABLE FreeBSD 13.0-STABLE #2 zfs-arc-unit-n246942-e9fba36ca57: Tue Aug 24 22:13:39 HST 2021 root@gaia:/src-build/obj/src-build/src/amd64.amd64/sys/INVM-efi amd64

    # general
    (gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
    (gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
    (gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
    (gen) compression: enabled (zlib@openssh.com)

    # key exchange algorithms
    (kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
    (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
    (kex) ecdh-sha2-nistp256                    -- [fail] using weak elliptic curves
                                                `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
    (kex) ecdh-sha2-nistp384                    -- [fail] using weak elliptic curves
                                                `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
    (kex) ecdh-sha2-nistp521                    -- [fail] using weak elliptic curves
                                                `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
    (kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4
    (kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
    (kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
    (kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
    (kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm
                                                `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53

    # host-key algorithms
    (key) rsa-sha2-512 (2048-bit)               -- [info] available since OpenSSH 7.2
    (key) rsa-sha2-256 (2048-bit)               -- [info] available since OpenSSH 7.2
    (key) ssh-rsa (2048-bit)                    -- [fail] using weak hashing algorithm
                                                `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
                                                `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
    (key) ecdsa-sha2-nistp256                   -- [fail] using weak elliptic curves
                                                `- [warn] using weak random number generator could reveal the key
                                                `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
    (key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

    # encryption algorithms (ciphers)
    (enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                                `- [info] default cipher since OpenSSH 6.9.
    (enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
    (enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
    (enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
    (enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
    (enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2

    # message authentication code algorithms
    (mac) umac-64-etm@openssh.com               -- [warn] using small 64-bit tag size
                                                `- [info] available since OpenSSH 6.2
    (mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2
    (mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
    (mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
    (mac) hmac-sha1-etm@openssh.com             -- [warn] using weak hashing algorithm
                                                `- [info] available since OpenSSH 6.2
    (mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode
                                                `- [warn] using small 64-bit tag size
                                                `- [info] available since OpenSSH 4.7
    (mac) umac-128@openssh.com                  -- [warn] using encrypt-and-MAC mode
                                                `- [info] available since OpenSSH 6.2
    (mac) hmac-sha2-256                         -- [warn] using encrypt-and-MAC mode
                                                `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
    (mac) hmac-sha2-512                         -- [warn] using encrypt-and-MAC mode
                                                `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
    (mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
                                                `- [warn] using weak hashing algorithm
                                                `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28

    # fingerprints
    (fin) ssh-ed25519: SHA256:RGHsB1muYlZq3IfGjnhAouZIMvEBDiz5sN8RKPqE6Dc
    (fin) ssh-rsa: SHA256:Vwu/6Cw3RQ1s2NbiP+QTqaRlej6d2EiuNe9lFsBfb1M

    # algorithm recommendations (for OpenSSH 7.9)
    (rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove 
    (rec) -ecdh-sha2-nistp256                   -- kex algorithm to remove 
    (rec) -ecdh-sha2-nistp384                   -- kex algorithm to remove 
    (rec) -ecdh-sha2-nistp521                   -- kex algorithm to remove 
    (rec) -ecdsa-sha2-nistp256                  -- key algorithm to remove 
    (rec) -hmac-sha1                            -- mac algorithm to remove 
    (rec) -hmac-sha1-etm@openssh.com            -- mac algorithm to remove 
    (rec) -hmac-sha2-256                        -- mac algorithm to remove 
    (rec) -hmac-sha2-512                        -- mac algorithm to remove 
    (rec) -ssh-rsa                              -- key algorithm to remove 
    (rec) -umac-128@openssh.com                 -- mac algorithm to remove 
    (rec) -umac-64-etm@openssh.com              -- mac algorithm to remove 
    (rec) -umac-64@openssh.com                  -- mac algorithm to remove 

    # additional info
    (nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>

    # general
    (gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
    (gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
    (gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
    (gen) compression: enabled (zlib@openssh.com)

    # key exchange algorithms
    (kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
    (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
    (kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
    (kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
    (kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4

    # host-key algorithms
    (key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

    # encryption algorithms (ciphers)
    (enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                                `- [info] default cipher since OpenSSH 6.9.
    (enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2
    (enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
    (enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
    (enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
    (enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

    # message authentication code algorithms
    (mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
    (mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
    (mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2

    # fingerprints
    (fin) ssh-ed25519: SHA256:ssVzIt8D58kI5cM6TGb9MZFtQ/Iq+lNhtlUmCwpQt0s

    # algorithm recommendations (for OpenSSH 7.9)
    (rec) +diffie-hellman-group14-sha256        -- kex algorithm to append 
    (rec) +rsa-sha2-256                         -- key algorithm to append 
    (rec) +rsa-sha2-512                         -- key algorithm to append 

@jimmiejaz42
Copy link

FreeBSD FORTYTWO 13.0-STABLE FreeBSD 13.0-STABLE #3 stable/13-n247112-c44d2e30e8a: Sat Sep 11 13:38:25 EDT 2021 jimmie@FORTYTWO:/usr/obj/usr/src/amd64.amd64/sys/FORTYTWO amd64

general

(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

key exchange algorithms

(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves - [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 (kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4 (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73 (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3 (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm - [info] available since OpenSSH 3.9, Dropbear SSH 0.53

host-key algorithms

(key) rsa-sha2-512 (2048-bit) -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 (2048-bit) -- [info] available since OpenSSH 7.2
(key) ssh-rsa (2048-bit) -- [fail] using weak hashing algorithm
- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28 - [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- [warn] using weak random number generator could reveal the key - [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5

encryption algorithms (ciphers)

(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
`- [info] default cipher since OpenSSH 6.9.
(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr -- [info] available since OpenSSH 3.7
(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2

message authentication code algorithms

(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- [info] available since OpenSSH 6.2 (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2 (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2 (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2 (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm - [info] available since OpenSSH 6.2
(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- [warn] using small 64-bit tag size - [info] available since OpenSSH 4.7
(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- [info] available since OpenSSH 6.2 (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode - [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56 (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode - [warn] using weak hashing algorithm
`- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28

fingerprints

(fin) ssh-ed25519: SHA256:cj1SzvyyAT56HmcxANgV/Nyro7sxfGwVGRJHgfhhPSw
(fin) ssh-rsa: SHA256:J03zUB7Nhd9GX+SgLGY2vth0WBdRvYVKIaFOFOxZ94M

algorithm recommendations (for OpenSSH 7.9)

(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
(rec) -hmac-sha1 -- mac algorithm to remove
(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
(rec) -hmac-sha2-256 -- mac algorithm to remove
(rec) -hmac-sha2-512 -- mac algorithm to remove
(rec) -ssh-rsa -- key algorithm to remove
(rec) -umac-128@openssh.com -- mac algorithm to remove
(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
(rec) -umac-64@openssh.com -- mac algorithm to remove

additional info

(nfo) For hardening guides on common OSes, please see: https://www.ssh-audit.com/hardening_guides.html

general

(gen) banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
(gen) software: OpenSSH 7.9 running on FreeBSD (2020-02-14)
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled (zlib@openssh.com)

key exchange algorithms

(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4

host-key algorithms

(key) ssh-ed25519 -- [info] available since OpenSSH 6.5

encryption algorithms (ciphers)

(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
`- [info] default cipher since OpenSSH 6.9.
(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr -- [info] available since OpenSSH 3.7
(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

message authentication code algorithms

(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2

fingerprints

(fin) ssh-ed25519: SHA256:k0fQ3JkPLM0ZqQNNf9ujq1xpUQVQvWM5jKB5rUKpe7w

algorithm recommendations (for OpenSSH 7.9)

(rec) +diffie-hellman-group14-sha256 -- kex algorithm to append
(rec) +rsa-sha2-256 -- key algorithm to append
(rec) +rsa-sha2-512 -- key algorithm to append

FreeBSD FORTYTWO 13.0-STABLE FreeBSD 13.0-STABLE #3 stable/13-n247112-c44d2e30e8a: Sat Sep 11 13:38:25 EDT 2021 jimmie@FORTYTWO:/usr/obj/usr/src/amd64.amd64/sys/FORTYTWO amd64

@jlduran
Copy link

jlduran commented Sep 15, 2021

@koobs, as requested, please take a look at bsdlabs/ssh-hardening, the README (essentially a copy-paste from this gist) will run against all supported FreeBSD versions (i.e. the README gets tested). Any improvement to the README will trigger the test matrix on Cirrus CI and dump the results as an artifact. Hope it helps.

Here are the artifacts:

14.0-CURRENT: https://api.cirrus-ci.com/v1/artifact/task/5643887319449600/ssh_audit/ssh-audit.out
13.0-RELEASE: https://api.cirrus-ci.com/v1/artifact/task/5080937366028288/ssh_audit/ssh-audit.out
12.2-RELEASE: https://api.cirrus-ci.com/v1/artifact/task/6206837272870912/ssh_audit/ssh-audit.out
11.4-RELEASE: https://api.cirrus-ci.com/v1/artifact/task/4799462389317632/ssh_audit/ssh-audit.out

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment