What ciphers, HMACS, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms are supported for a ssh connection to SSL Visibility Appliances
search cancel

What ciphers, HMACS, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms are supported for a ssh connection to SSL Visibility Appliances

book

Article ID: 237264

calendar_today

Updated On: 06-29-2025

Products

SSL Visibility Appliance Software SV-1800 SV-2800 SV-3800 SV-800 SV-S550

Issue/Introduction

The SSL Visibility Appliances support a broad list of options for ciphers, HMACS, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms.

Resolution

SSL Visibility allows the following ciphers:

• chacha20-poly1305@openssh.com
• aes128-gcm@openssh.com
• aes256-gcm@openssh.com
• aes128-ctr
• aes192-ctr
• aes256-ctr

The following HMACS are supported on the SSL Visibility:

• hmac-sha2-256-etm@openssh.com
• hmac-sha2-512-etm@openssh.com
• hmac-sha2-256 hmac-sha2-512
• hmac-sha1-etm@openssh.com
• hmac-sha1

SSL Visibility supports these Host Key Algorithms:

• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512 rsa-sha2-256
• ssh-rsa

The Key Exchange Algorithms support on SSL Visibility are:

• curve25519-sha256
• curve25519-sha256@libssh.org
• ecdh-sha2-nistp256
• ecdh-sha2-nistp384
• ecdh-sha2-nistp521
• diffie-hellman-group-exchange-sha256
• diffie-hellman-group14-sha256
• diffie-hellman-group16-sha512
• diffie-hellman-group18-sha512
• diffie-hellman-group14-sha

The Public Key Auth Accepted Algorithms the SSL Visibility accepts are:

• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512
• rsa-sha2-256
• ssh-rsa

Additional Information

Over time, some ciphers, HMACs, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms may become deprecated.  In this case you may want to remove them from the options SSL Visibility software supports.  This can be done and is documented in the following Knowledge Base Article.

Disabling ciphers