General information

Server Identification: SSH-2.0-OpenSSH_7.4
IP Address: 128.252.17.87
Generated at: 2022-05-21 03:49:12 UTC (12 hours ago) - clear cache

Key Exchange Algorithms

diffie-hellman-group14-sha256
Diffie-Hellman with 2048-bit Oakley Group 14 with SHA-256 hash
Oakley Group 14 should be secure for now.
Secure
diffie-hellman-group16-sha512
Diffie-Hellman with 4096-bit MODP Group 16 with SHA-512 hash
Secure
diffie-hellman-group18-sha512
Diffie-Hellman with 8192-bit MODP Group 18 with SHA-512 hash
Secure
diffie-hellman-group-exchange-sha256
Diffie-Hellman with MODP Group Exchange with SHA-256 hash
Secure
curve25519-sha256
Elliptic Curve Diffie-Hellman on Curve25519 with SHA-256 hash
Secure
curve25519-sha256@libssh.org
Elliptic Curve Diffie-Hellman on Curve25519 with SHA-256 hash
Secure
ecdh-sha2-nistp256
Elliptic Curve Diffie-Hellman on NIST P-256 curve with SHA-256 hash
Possible NSA backdoor.
Secure
ecdh-sha2-nistp384
Elliptic Curve Diffie-Hellman on NIST P-384 curve with SHA-384 hash
Possible NSA backdoor.
Secure
ecdh-sha2-nistp521
Elliptic Curve Diffie-Hellman on NIST P-521 curve with SHA-512 hash
Possible NSA backdoor.
Secure
diffie-hellman-group14-sha1
Diffie-Hellman with 2048-bit Oakley Group 14 with SHA-1 hash
Oakley Group 14 should be secure for now. SHA-1 is becoming obsolete, consider using SHA-256 version.
Weak
diffie-hellman-group-exchange-sha1
Diffie-Hellman with MODP Group Exchange with SHA-1 hash
SHA-1 is considered obsolete - consider using SHA-256
Weak
diffie-hellman-group1-sha1
Diffie-Hellman with 1024-bit Oakley Group 2 (not a typo - see RFC) with SHA-1 hash
Oakley Group 2 is no longer considered secure. 1024-bit groups may be broken by nation states.
Insecure

Server Host Key Algorithms

ssh-ed25519
Ed25519, an Edwards-curve Digital Signature Algorithm (EdDSA)
Secure
ecdsa-sha2-nistp256
Elliptic Curve Digital Signature Algorithm (ECDSA) on NIST P-256 curve with SHA-256 hash
Possible NSA backdoor.
Secure
ssh-rsa
RSA with SHA-1 hash
SHA-1 is becoming obsolete.
Secure
rsa-sha2-256
RSA with SHA-256 hash
Secure
rsa-sha2-512
RSA with SHA-512 hash
Secure

Encryption Algorithms

chacha20-poly1305@openssh.com
256-bit ChaCha20 with Poly1305 authenticator by OpenSSH
Secure
aes256-gcm@openssh.com
AES with 256-bit key in GCM mode by OpenSSH
Secure
aes128-gcm@openssh.com
AES with 128-bit key in GCM mode by OpenSSH
Secure
aes256-ctr
AES with 256-bit key in CTR mode
Secure
aes192-ctr
AES with 192-bit key in CTR mode
Secure
aes128-ctr
AES with 128-bit key in CTR mode
Secure
aes256-cbc
AES with 256-bit key in CBC mode
CBC mode is not perfect, but still not "unsafe".
Secure
aes192-cbc
AES with 192-bit key in CBC mode
CBC mode is not perfect, but still not "unsafe".
Secure
aes128-cbc
AES with 128-bit key in CBC mode
CBC mode is not perfect, but still not "unsafe".
Secure
blowfish-cbc
Blowfish with 128-bit key in CBC mode
At least 128-bit block size is recommended; Blowfish uses 64-bit blocks. CBC mode is not perfect, but still not "unsafe".
Weak
cast128-cbc
CAST-128 (CAST5) with 128-bit key in CBC mode
At least 128-bit block size is recommended; CAST-128 uses 64-bit blocks. CBC mode is not perfect, but still not "unsafe".
Weak
3des-cbc
TripleDES with 192-bit key (112-bit effective security) in CBC mode
3DES is very inefficient.
Weak

MAC Algorithms

umac-128-etm@openssh.com
128-bit Universal Hashing MAC (Encrypt-then-MAC) by OpenSSH
Secure
hmac-sha2-256-etm@openssh.com
Hash-based MAC using SHA-256 (Encrypt-then-MAC) by OpenSSH
Secure
hmac-sha2-512-etm@openssh.com
Hash-based MAC using SHA-512 (Encrypt-then-MAC) by OpenSSH
Secure
umac-128@openssh.com
128-bit Universal Hashing MAC by OpenSSH
Secure
hmac-sha2-256
Hash-based MAC using SHA-256
Secure
hmac-sha2-512
Hash-based MAC using SHA-512
Secure
umac-64-etm@openssh.com
64-bit UMAC (Universal Hashing MAC) (Encrypt-then-MAC) by OpenSSH
64-bit UMAC is no longer considered secure enough. Recommended tag size should be at least 128 bits.
Weak
hmac-sha1-etm@openssh.com
Hash-based MAC using SHA-1 (Encrypt-then-MAC) by OpenSSH
SHA-1 is becoming deprecated - consider replacing with SHA-256 or SHA-512.
Weak
umac-64@openssh.com
64-bit UMAC (Universal Hashing MAC) by OpenSSH
64-bit UMAC is no longer considered secure enough.
Weak
hmac-sha1
Hash-based MAC using SHA-1
SHA-1 is becoming deprecated - consider replacing with SHA-256 or SHA-512.
Weak

Compression Algorithms

none
No compression
Unknown
zlib@openssh.com
zlib compression by OpenSSH
Unknown

Server Public Keys

ssh-rsa

Key size: 2048bit
MD5 Fingerprint: 6a:ed:7a:b7:e1:0e:1a:6a:4c:9c:8f:1a:5e:19:37:65
SHA-256 Fingerprint: +U0sno5j5ZpiIitSXU0vuwS+areMSHBXXdApMbkhicU
Public key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Saved by Rebex SSH"
AAAAB3NzaC1yc2EAAAADAQABAAABAQC6GgBmer7+/sAckEjSWk8k3xOxzmp8HL3V
FRq6wg87iSyI3lQ6zo2L9s3ApjeFiNlQp1RIHlzPIk9EmIxJjC/S07ycBOS0gLDm
r3MxNr4TGEgwbFsJJArtxqKequI5+1xS4CQL9Emb4Eb6ZLtj46g7EnNqPNvmbCd2
cziMOpg63CaUn2jJenQbgrkvCMUtOSp5X1X/0YpiE86j6TxAhToKQuMLQ8TGy3wU
BsQNOFKBHX8BeNNB7BwYFYFtwJGn7gr1POZOwT0/GMwUCa9Qr1AabyRoNPdZsoR2
TbnNWxi4ERpyTtykFvbQWt9AyXmIN14gb9Y48mfLMluJtxe4Km1T
---- END SSH2 PUBLIC KEY ----

rsa-sha2-512

Key size: 2048bit
MD5 Fingerprint: 6a:ed:7a:b7:e1:0e:1a:6a:4c:9c:8f:1a:5e:19:37:65
SHA-256 Fingerprint: +U0sno5j5ZpiIitSXU0vuwS+areMSHBXXdApMbkhicU
Public key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Saved by Rebex SSH"
AAAAB3NzaC1yc2EAAAADAQABAAABAQC6GgBmer7+/sAckEjSWk8k3xOxzmp8HL3V
FRq6wg87iSyI3lQ6zo2L9s3ApjeFiNlQp1RIHlzPIk9EmIxJjC/S07ycBOS0gLDm
r3MxNr4TGEgwbFsJJArtxqKequI5+1xS4CQL9Emb4Eb6ZLtj46g7EnNqPNvmbCd2
cziMOpg63CaUn2jJenQbgrkvCMUtOSp5X1X/0YpiE86j6TxAhToKQuMLQ8TGy3wU
BsQNOFKBHX8BeNNB7BwYFYFtwJGn7gr1POZOwT0/GMwUCa9Qr1AabyRoNPdZsoR2
TbnNWxi4ERpyTtykFvbQWt9AyXmIN14gb9Y48mfLMluJtxe4Km1T
---- END SSH2 PUBLIC KEY ----

rsa-sha2-256

Key size: 2048bit
MD5 Fingerprint: 6a:ed:7a:b7:e1:0e:1a:6a:4c:9c:8f:1a:5e:19:37:65
SHA-256 Fingerprint: +U0sno5j5ZpiIitSXU0vuwS+areMSHBXXdApMbkhicU
Public key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Saved by Rebex SSH"
AAAAB3NzaC1yc2EAAAADAQABAAABAQC6GgBmer7+/sAckEjSWk8k3xOxzmp8HL3V
FRq6wg87iSyI3lQ6zo2L9s3ApjeFiNlQp1RIHlzPIk9EmIxJjC/S07ycBOS0gLDm
r3MxNr4TGEgwbFsJJArtxqKequI5+1xS4CQL9Emb4Eb6ZLtj46g7EnNqPNvmbCd2
cziMOpg63CaUn2jJenQbgrkvCMUtOSp5X1X/0YpiE86j6TxAhToKQuMLQ8TGy3wU
BsQNOFKBHX8BeNNB7BwYFYFtwJGn7gr1POZOwT0/GMwUCa9Qr1AabyRoNPdZsoR2
TbnNWxi4ERpyTtykFvbQWt9AyXmIN14gb9Y48mfLMluJtxe4Km1T
---- END SSH2 PUBLIC KEY ----

ecdsa-sha2-nistp256

Key size: 256bit
MD5 Fingerprint: 44:4a:4e:5e:83:75:d0:c6:2d:de:c6:0b:f2:6c:27:09
SHA-256 Fingerprint: VHImdLEgJxo9hojSK9OtYGtIE7lRupxdKOHz4xvxSsM
Public key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Saved by Rebex SSH"
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGi7KiGh8peE
ZzRUftQHLrLX0j6oK3uHqWj7LTOiwADk4N4aQxwIlmuSPQCchYkfGMzEmsjjaZDu
T4zWzyHhXFk=
---- END SSH2 PUBLIC KEY ----

ssh-ed25519

Key size: 256bit
MD5 Fingerprint: 54:44:58:c8:b7:08:68:33:ba:dd:40:89:11:9a:1e:a6
SHA-256 Fingerprint: BNE4ZvsKbhnbnnU9Vd/fgHhpW4+180012oSyIyeNJYs
Public key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Saved by Rebex SSH"
AAAAC3NzaC1lZDI1NTE5AAAAIPH6DuyTSE4wZ4CPLB2FCfdaieiioRpkViEj+We1
BZ3e
---- END SSH2 PUBLIC KEY ----