Created
October 17, 2016 13:32
-
-
Save JamieMagee/d9231818fd2aff91eef60b3ca56276d7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # general | |
| (gen) banner: SSH-2.0-dropbear_2016.74 | |
| (gen) software: Dropbear SSH 2016.74 | |
| (gen) compatibility: OpenSSH 6.5-6.6, Dropbear SSH 2013.62-2014.66 | |
| (gen) compression: disabled | |
| # key exchange algorithms | |
| (kex) [email protected] -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62 | |
| (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves | |
| `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 | |
| (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves | |
| `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 | |
| (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves | |
| `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 | |
| (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm | |
| `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 | |
| (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack | |
| `- [warn] using small 1024-bit modulus | |
| `- [warn] using weak hashing algorithm | |
| `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 | |
| (kex) [email protected] -- [info] available since Dropbear SSH 2013.57 | |
| # host-key algorithms | |
| (key) ecdsa-sha2-nistp521 -- [fail] using weak elliptic curves | |
| `- [warn] using weak random number generator could reveal the key | |
| `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 | |
| (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28 | |
| (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm | |
| `- [warn] using small 1024-bit modulus | |
| `- [warn] using weak random number generator could reveal the key | |
| `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 | |
| # encryption algorithms (ciphers) | |
| (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 | |
| (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52 | |
| (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [warn] using weak cipher mode | |
| `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 | |
| (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [warn] using weak cipher mode | |
| `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47 | |
| (enc) twofish256-cbc -- [fail] disabled since Dropbear SSH 2015.67 | |
| `- [warn] using weak cipher mode | |
| `- [info] available since Dropbear SSH 0.47 | |
| (enc) twofish-cbc -- [fail] disabled since Dropbear SSH 2015.67 | |
| `- [warn] using weak cipher mode | |
| `- [info] available since Dropbear SSH 0.28 | |
| (enc) twofish128-cbc -- [fail] disabled since Dropbear SSH 2015.67 | |
| `- [warn] using weak cipher mode | |
| `- [info] available since Dropbear SSH 0.47 | |
| (enc) 3des-ctr -- [info] available since Dropbear SSH 0.52 | |
| (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [warn] using weak cipher | |
| `- [warn] using weak cipher mode | |
| `- [warn] using small 64-bit block size | |
| `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28 | |
| # message authentication code algorithms | |
| (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm | |
| `- [warn] using encrypt-and-MAC mode | |
| `- [warn] using weak hashing algorithm | |
| `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47 | |
| (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode | |
| `- [warn] using weak hashing algorithm | |
| `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 | |
| (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode | |
| `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56 | |
| (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode | |
| `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56 | |
| (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm | |
| `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm | |
| `- [warn] using encrypt-and-MAC mode | |
| `- [warn] using weak hashing algorithm | |
| `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 | |
| # algorithm recommendations (for Dropbear SSH 2016.74) | |
| (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove | |
| (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove | |
| (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove | |
| (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove | |
| (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove | |
| (rec) +diffie-hellman-group16-sha512-- kex algorithm to append | |
| (rec) +diffie-hellman-group14-sha256-- kex algorithm to append | |
| (rec) -ecdsa-sha2-nistp521 -- key algorithm to remove | |
| (rec) -ssh-dss -- key algorithm to remove | |
| (rec) -twofish128-cbc -- enc algorithm to remove | |
| (rec) -twofish256-cbc -- enc algorithm to remove | |
| (rec) -3des-cbc -- enc algorithm to remove | |
| (rec) -aes256-cbc -- enc algorithm to remove | |
| (rec) -twofish-cbc -- enc algorithm to remove | |
| (rec) -aes128-cbc -- enc algorithm to remove | |
| (rec) +twofish256-ctr -- enc algorithm to append | |
| (rec) +twofish128-ctr -- enc algorithm to append | |
| (rec) -hmac-sha1 -- mac algorithm to remove | |
| (rec) -hmac-sha1-96 -- mac algorithm to remove | |
| (rec) -hmac-md5 -- mac algorithm to remove |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment