Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.


Configuring Ciphers

The algorithm(s) used for session encryption can be specified in the sshd2_config file:

Ciphers             aes128-cbc,3des-cbc

The system will attempt to use the different encryption ciphers in the sequence specified on the line. Currently supported cipher names are the following:


Special values for this option are the following:

  • Any: includes all supported ciphers plus none.

  • AnyStd: includes ciphers from the IETF SSH standards and none. The standard ciphers are aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, aes192-cbc, aes256-cbc, 3des-cbc, arcfour, blowfish-cbc, cast128-cbc, twofish128-cbc, twofish192-cbc, twofish256-cbc, twofish-cbc.

  • none: no encryption, connection will be in plaintext.

  • AnyCipher: allows any available cipher apart from the non-encrypting cipher mode none.

  • AnyStdCipher: the same as AnyStd, but excludes none.

The default ciphers are aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, aes192-cbc, aes256-cbc and 3des-cbc.