Supported Cryptographic Algorithms
Net::SSH supports a wide range of modern and legacy cryptographic algorithms. As of version 6.0, weak algorithms are disabled by default to promote better security. You can, however, re-enable them for backward compatibility.
Customizing Algorithms
You can specify your preferred algorithms when starting a connection. The value can be a single string or an array of strings. The order determines preference.
Net::SSH.start(host, user,
  kex: 'diffie-hellman-group-exchange-sha256',
  encryption: %w[aes256-ctr aes128-ctr],
  hmac: 'hmac-sha2-512',
  host_key: 'ssh-ed25519'
)
Modifying the Default List
You can also add to or remove from the default algorithm list using + and - prefixes. This is useful for disabling a specific weak algorithm without replacing the entire list.
# Remove all CBC-mode ciphers from the default list
Net::SSH.start(host, user, encryption: '-*-cbc')
# Add a legacy HMAC algorithm for an old server
Net::SSH.start(host, user, hmac: '+hmac-md5')
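The following Ruby sketch is an added example, not Net::SSH's own code: it models how a + or - value for the encryption option edits the default cipher list, then reports any cipher this page marks as deprecated that is still in the result. The function names and the matching rule (a - pattern must match the whole algorithm name) are assumptions of the model; the two lists are copied from the cipher table on this page.

```ruby
# Added example: a simplified model of '+'/'-' list editing, not Net::SSH's own code.
# Both lists are transcribed from the cipher table on this page.
DEFAULT_CIPHERS = %w[chacha20-poly1305@openssh.com aes256-ctr aes192-ctr aes128-ctr
                     aes256-gcm@openssh.com aes128-gcm@openssh.com].freeze
DEPRECATED_CIPHERS = %w[aes256-cbc aes192-cbc aes128-cbc rijndael-cbc@lysator.liu.se
                        blowfish-ctr blowfish-cbc cast128-ctr cast128-cbc
                        3des-ctr 3des-cbc idea-cbc none].freeze

# Resolve an :encryption value into the cipher list this model would offer.
# Assumptions: '+name' appends the literal name, '-pattern' removes every name
# the pattern ('*' allowed) matches in full, unprefixed values replace the list.
def effective_ciphers(spec, defaults = DEFAULT_CIPHERS)
  entries = Array(spec).map(&:to_s)
  return defaults.dup if entries.empty?
  return entries.uniq unless entries.all? { |e| e.start_with?('+', '-') }

  list = defaults.dup
  entries.select { |e| e.start_with?('+') }.each { |e| list << e[1..] }
  entries.select { |e| e.start_with?('-') }.each do |e|
    list.reject! { |name| File.fnmatch(e[1..], name) }
  end
  list.uniq
end

# Deprecated ciphers that survive in the effective list (empty array = clean).
def weak_ciphers(spec)
  effective_ciphers(spec) & DEPRECATED_CIPHERS
end

# Constructed sample values for the :encryption option.
[nil, '-*-cbc', %w[aes256-ctr 3des-cbc],
 %w[+aes256-cbc +rijndael-cbc@lysator.liu.se -*-cbc]].each do |spec|
  puts "#{spec.inspect} => weak: #{weak_ciphers(spec).inspect}"
end
```

In this model -*-cbc does not remove rijndael-cbc@lysator.liu.se, because that name does not end in -cbc; a name like that has to be removed explicitly.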
Re-enabling All Supported Algorithms
For compatibility with very old SSH servers, you can revert to the pre-6.0 behavior of enabling all supported algorithms, including weak ones, by using the :append_all_supported_algorithms option.
Net::SSH.start(host, user, append_all_supported_algorithms: true)
Algorithm Support Details
The following tables detail the algorithms supported by Net::SSH. Algorithms marked as "Deprecated" are disabled by default.
Host Keys
Name | Default Support | Notes |
---|---|---|
ssh-ed25519 | Enabled | Requires the ed25519 gem. |
ecdsa-sha2-nistp521 | Enabled | Uses potentially weak elliptic curves. |
ecdsa-sha2-nistp384 | Enabled | Uses potentially weak elliptic curves. |
ecdsa-sha2-nistp256 | Enabled | Uses potentially weak elliptic curves. |
rsa-sha2-512 | Enabled | RSA with SHA-2 512-bit signature. |
rsa-sha2-256 | Enabled | RSA with SHA-2 256-bit signature. |
ssh-rsa | Enabled | Standard RSA with SHA-1 signature. |
ssh-dss | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
Key Exchange (KEX)
Name | Default Support | Notes |
---|---|---|
curve25519-sha256 | Enabled | Requires the x25519 gem. |
ecdh-sha2-nistp521 | Enabled | Uses potentially weak elliptic curves. |
ecdh-sha2-nistp384 | Enabled | Uses potentially weak elliptic curves. |
ecdh-sha2-nistp256 | Enabled | Uses potentially weak elliptic curves. |
diffie-hellman-group-exchange-sha256 | Enabled | |
diffie-hellman-group14-sha256 | Enabled | |
diffie-hellman-group14-sha1 | Enabled | |
diffie-hellman-group1-sha1 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
diffie-hellman-group-exchange-sha1 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
Encryption Algorithms (Ciphers)
Name | Default Support | Notes |
---|---|---|
chacha20-poly1305@openssh.com | Enabled | Requires the rbnacl gem. |
aes256-ctr / aes192-ctr / aes128-ctr | Enabled | |
aes256-gcm@openssh.com | Enabled | AEAD Cipher. |
aes128-gcm@openssh.com | Enabled | AEAD Cipher. |
aes256-cbc / aes192-cbc / aes128-cbc | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
rijndael-cbc@lysator.liu.se | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
blowfish-ctr, blowfish-cbc | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
cast128-ctr, cast128-cbc | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
3des-ctr, 3des-cbc | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
idea-cbc | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
none | Deprecated in v6.0 | Unencrypted, will be removed in v8.0. |
Message Authentication Code (MAC) Algorithms
Name | Default Support | Notes |
---|---|---|
hmac-sha2-512-etm | Enabled | Encrypt-then-MAC mode. |
hmac-sha2-256-etm | Enabled | Encrypt-then-MAC mode. |
hmac-sha2-512 | Enabled | |
hmac-sha2-256 | Enabled | |
hmac-sha1 | Enabled | For backward compatibility. |
hmac-sha2-512-96 | Deprecated in v6.0 | Removed from spec, will be removed in v8.0. |
hmac-sha2-256-96 | Deprecated in v6.0 | Removed from spec, will be removed in v8.0. |
hmac-sha1-96 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
hmac-ripemd160 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
hmac-md5 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
hmac-md5-96 | Deprecated in v6.0 | Insecure, will be removed in v8.0. |
none | Deprecated in v6.0 | No integrity checking, will be removed in v8.0. |