The SSL Visibility Appliances support a broad list of options for ciphers, HMACS, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms.
SSL Visibility allows the following ciphers:
• chacha20-poly1305@openssh.com
• aes128-gcm@openssh.com
• aes256-gcm@openssh.com
• aes128-ctr
• aes192-ctr
• aes256-ctr
The following HMACS are supported on the SSL Visibility:
• hmac-sha2-256-etm@openssh.com
• hmac-sha2-512-etm@openssh.com
• hmac-sha2-256 hmac-sha2-512
• hmac-sha1-etm@openssh.com
• hmac-sha1
SSL Visibility supports these Host Key Algorithms:
• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512 rsa-sha2-256
• ssh-rsa
The Key Exchange Algorithms support on SSL Visibility are:
• curve25519-sha256
• curve25519-sha256@libssh.org
• ecdh-sha2-nistp256
• ecdh-sha2-nistp384
• ecdh-sha2-nistp521
• diffie-hellman-group-exchange-sha256
• diffie-hellman-group14-sha256
• diffie-hellman-group16-sha512
• diffie-hellman-group18-sha512
• diffie-hellman-group14-sha
The Public Key Auth Accepted Algorithms the SSL Visibility accepts are:
• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512
• rsa-sha2-256
• ssh-rsa
Over time, some ciphers, HMACs, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms may become deprecated. In this case you may want to remove them from the options SSL Visibility software supports. This can be done and is documented in the following Knowledge Base Article.