I'm connected with Tectia Client (sshg3) to a remote host and I'm interested in finding out what encryption algorithm is being used for my connection. What's the easiest way to figure it out?

asked Oct 06 '09 at 12:38

Ville Laurikari

edited Oct 13 '09 at 10:31

Sami Lehtinen

For a terminal connection taken with sshg3, probably the easiest way to find this out, and more, is to use escape sequences. Escape sequences consist of the escape character followed by a command character. The default escape character is ~ (tilde). Escape sequences must be typed directly after a newline.

Enter a newline, i.e. press Enter first, then type ~?. Your sshg3 will respond by dumping a menu of supported escape sequences on the terminal. Among them is:

~s   - dump statistics and connection information to stderr

So, to see this information you'll press enter and then type ~s. Here's an example of what the output will look like:

destination: vlaurika@dev-aix53:22
local host: dev-linux2
remote version: SSH-2.0- SSH Tectia Server
local version: SSH-2.0- SSH Secure Shell
bytes in: 1212
bytes out: 7
key exchanges: 1

Chosen key exchange algorithm: diffie-hellman-group1-sha1
Chosen host key algorithm: ssh-rsa
Common ciphers: crypticore128@ssh.com,aes128-cbc,aes192-cbc,aes256-cbc,
Common macs: crypticore-mac@ssh.com,hmac-md5,hmac-sha1,hmac-sha256-2@ssh.com,
Common compressions: none
Common host key algorithms: x509v3-sign-rsa,x509v3-sign-dss,ssh-rsa,ssh-dss

Algorithms client to server:
Cipher: aes128-cbc
MAC: hmac-md5
Compression: none

Algorithms server to client:
Cipher: aes128-cbc
MAC: hmac-md5
Compression: none

In this case, the encryption algorithm is 128-bit AES in CBC mode, together with the MD5 hash message authentication code.


answered Oct 06 '09 at 12:45

Ville Laurikari

edited Oct 06 '09 at 15:38

Another way of doing this is by using Tectia Connection Broker:

List the open connections by running:

$ ssh-broker-ctl list-connections
1. localhost port 22 as moe [#42]
Open since Wed 07 Oct 2009 11:43:42 PM EEST [up 00:02:10]
1 open channel.

Find the connection id from the output above and query the connection details by running:

$ ssh-broker-ctl connection-status 42

The output will be something like:

localhost port 22 as moe [#42]
Server version: SSH-2.0- SSH Tectia Server
Open since Wed 07 Oct 2009 11:43:42 PM EEST [up 00:03:41]
Server hostkey algorithm: ssh-dss
Server hostkey: 2048 bit dsa key
    SHA-1: 01aed46c8569617b9fca77de34773e28c54e3173
Server authentication: publickey
User authentications completed: publickey[#1]
Session ID: 96cfa323524b7c3adaac2ba84e8af64c729b55b3
Transport cipher: crypticore128@ssh.com [crypticore128@ssh.com]
Transport mac: crypticore-mac@ssh.com [crypticore-mac@ssh.com]
Transport compression:  []
Host key algorithm: ssh-dss
Kex algorithm: diffie-hellman-group14-sha1
Bytes sent: 11
Bytes received: 553
Completed key exchanges: 2
1 open channel.

The cipher in use for the connection will be under "Transport cipher:", in this case crypticore128@ssh.com.


answered Oct 07 '09 at 20:51

Roman ♦♦
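
Both output formats shown in the two answers above (the ~s dump and ssh-broker-ctl connection-status) can be checked against a site policy with a small script. This is an added example, not part of either answer and not Tectia code: the function names, the field mapping and the allowlist are assumptions, and the sample text is constructed from the outputs quoted above.

```python
import re

# Constructed samples, trimmed from the two output formats shown above.
ESCAPE_S_SAMPLE = """\
Chosen key exchange algorithm: diffie-hellman-group1-sha1
Chosen host key algorithm: ssh-rsa
Algorithms client to server:
Cipher: aes128-cbc
MAC: hmac-md5
Algorithms server to client:
Cipher: aes128-cbc
MAC: hmac-md5
"""
BROKER_SAMPLE = """\
localhost port 22 as moe [#42]
Transport cipher: crypticore128@ssh.com [crypticore128@ssh.com]
Transport mac: crypticore-mac@ssh.com [crypticore-mac@ssh.com]
Host key algorithm: ssh-dss
Kex algorithm: diffie-hellman-group14-sha1
"""

# Output labels from both formats, mapped to one field name each.
FIELDS = {
    "chosen key exchange algorithm": "kex", "kex algorithm": "kex",
    "chosen host key algorithm": "hostkey", "host key algorithm": "hostkey",
    "cipher": "cipher", "transport cipher": "cipher",
    "mac": "mac", "transport mac": "mac",
}
EXAMPLE_POLICY = {  # constructed allowlist standing in for a site policy
    "kex": {"diffie-hellman-group14-sha1"}, "hostkey": {"ssh-rsa", "ssh-dss"},
    "cipher": {"aes128-cbc", "crypticore128@ssh.com"},
    "mac": {"hmac-sha1", "crypticore-mac@ssh.com"},
}

def negotiated(text):
    """Return {field: set of algorithm names} from either output format."""
    found = {}
    for line in text.splitlines():
        label, _, value = line.partition(":")
        field = FIELDS.get(label.strip().lower())
        # connection-status prints "name [name]"; both names are collected.
        names = re.findall(r"[^\s\[\],]+", value)
        if field and names:
            found.setdefault(field, set()).update(names)
    return found

def violations(text, allowed):
    """Sorted (field, algorithm) pairs in use but absent from the allowlist."""
    return sorted((f, a) for f, algs in negotiated(text).items()
                  for a in algs - allowed.get(f, set()))
```

A field that is missing from the allowlist is treated as having nothing allowed, so every algorithm negotiated for it is reported.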

Hi Roman,

When I type ~?, I get the options below.

-bash-3.2$ ~?
Supported escape sequences:
~. - terminate connection
~B - send a BREAK to the remote system
~C - open a command line
~R - Request rekey (SSH protocol 2 only)
~^Z - suspend ssh
~# - list forwarded connections
~& - background ssh (when waiting for connections to terminate)
~? - this message
~~ - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

I don't see anything for ~S. Could you please let me know why I am not able to see it?


answered Mar 14 '14 at 00:23

Karteek U

Asked: Oct 06 '09 at 12:38

Seen: 18,834 times

Last updated: Mar 14 '14 at 00:23

All user contributed content licensed under the cc-by-sa license.