Rebex SSH Test result for itcsubmit.wustl.edu:22

General information

Server Identification:	SSH-1.99-OpenSSH_3.6.1p2
IP Address:	128.252.17.87
Generated at:	2020-12-01 09:39:47 UTC (23 hours ago) - clear cache

Key Exchange Algorithms

`diffie-hellman-group-exchange-sha1`	Diffie-Hellman with MODP Group Exchange with SHA-1 hash SHA-1 is considered obsolete - consider using SHA-256	Weak
`diffie-hellman-group1-sha1`	Diffie-Hellman with 1024-bit Oakley Group 2 (not a typo - see RFC) with SHA-1 hash Oakley Group 2 is no longer considered secure. 1024-bit groups may be broken by nation states.	Insecure

Server Host Key Algorithms

`ssh-rsa`	RSA with SHA-1 hash SHA-1 is becoming obsolete.	Secure
`ssh-dss`	NIST Digital Signature Algorithm (DSA) with SHA-1 hash SHA-1 is becoming obsolete.	Weak

Encryption Algorithms

`aes256-cbc`	AES with 256-bit key in CBC mode CBC mode is not perfect, but still not "unsafe".	Secure
`aes192-cbc`	AES with 192-bit key in CBC mode CBC mode is not perfect, but still not "unsafe".	Secure
`aes128-cbc`	AES with 128-bit key in CBC mode CBC mode is not perfect, but still not "unsafe".	Secure
`rijndael-cbc@lysator.liu.se`	AES with 256-bit key in CBC mode CBC mode is not perfect, but still not "unsafe".	Secure
`3des-cbc`	TripleDES with 192-bit key (112-bit effective security) in CBC mode 3DES is very inefficient.	Weak
`blowfish-cbc`	Blowfish with 128-bit key in CBC mode At least 128-bit block size is recommended; Blowfish uses 64-bit blocks. CBC mode is not perfect, but still not "unsafe".	Weak
`cast128-cbc`	CAST-128 (CAST5) with 128-bit key in CBC mode At least 128-bit block size is recommended; CAST-128 uses 64-bit blocks. CBC mode is not perfect, but still not "unsafe".	Weak
`arcfour`	RC4 (ArcFour) stream cipher with 128-bit key RC4 without discard step is not secure.	Insecure

MAC Algorithms

`hmac-ripemd160`	Hash-based MAC using RIPEMD 160-bit	Secure
`hmac-ripemd160@openssh.com`	Hash-based MAC using RIPEMD 160-bit by OpenSSH	Secure
`hmac-sha1`	Hash-based MAC using SHA-1 SHA-1 is becoming deprecated - consider replacing with SHA-256 or SHA-512.	Weak
`hmac-sha1-96`	Hash-based MAC using SHA-1 truncated to 96 bits SHA-1 is becoming deprecated - consider replacing with SHA-256 or SHA-512.	Weak
`hmac-md5`	Hash-based MAC using MD5 MD5 is deprecated. Consider replacing with SHA-256 or SHA-512.	Insecure
`hmac-md5-96`	Hash-based MAC using MD5 truncated to 96 bits MD5 is no longer considered secure.	Insecure

Compression Algorithms

`none`	No compression	Unknown
`zlib`	zlib compression	Unknown

Server Public Keys

ssh-rsa

Key size:	1024bit
MD5 Fingerprint:	`7c:ac:6e:86:fe:ba:85:69:d2:13:f0:df:ca:c5:55:b0`
SHA-256 Fingerprint:	`nMzgu7f2HCBqWp0rGyJ6aAiZXURh4oH0SwyPbQ42C0w`
Public key:	---- BEGIN SSH2 PUBLIC KEY ---- Comment: "Saved by Rebex SSH" AAAAB3NzaC1yc2EAAAABIwAAAIEAvQKnk0WdTQHqZeu1KEcgLWP6eP00XElfWGK8 lXOqh8tXQsH7hvFgjrd6WeqGNYYEoE0iFX2hJiEnl+7JOlPv8nx8P81ZU0iXSoFM EIERdaL7RukDnBj8VU729w1wufHTtvqOX066tqXNuGotoi+q1C9r+naYBABJnhdx B+HCrV0= ---- END SSH2 PUBLIC KEY ----

ssh-dss

Key size:	1024bit
MD5 Fingerprint:	`b4:10:08:e9:6d:14:78:75:20:c4:39:a8:ff:99:20:a8`
SHA-256 Fingerprint:	`lemXQEgYpjJbtyaVi7FHk+lGN+ExvzQ+vfalOFsjMnM`
Public key:	---- BEGIN SSH2 PUBLIC KEY ---- Comment: "Saved by Rebex SSH" AAAAB3NzaC1kc3MAAACBAOW1mcMlv9UtTOqMOHbtj1MN3E69jHrn2ZrRCcTxTqCu O+iOwwKk5q4/274fvnI9lV1fGYH6LAjUqWT0FiDpq/U6un1OBsIhI/Bc3sD7wGRU gxYNDjIO+MmV2KShHnawz7BmTtkBUVYjOCokgD4b2nxfyYK865Ds0xZKob6CbOpV AAAAFQCik2JaKlpS8hUbe1vhIwmVaAW4uQAAAIBUWn7t02QirpGJcUw5Y0Gx5/Qv lRdXrO3CLMCof923Gg2e9A2AqzdlA68i9lFiya0ROG4QCbtBfCSZqXHvIzCCv44A FqG6fEUJKEb42WvNPfu5ONfV/bbhczDHilOpEyIZ7jdiXr0h5CyzpbagNGc1EOMF Nm2DaOvf1RUPqEGIjAAAAIEAp48+0s3+roeZlRXiFYUKFoiWg8XVEazGYGJN/wby kQounCkl08Y3Ch5S674aaxiiDzVqW1cZZjDpDaScVrTyzu/kpTR2gpyC1pVfdfBT 5jC5lzlN5wcEUypiNESOErUezxcFYF49znc72AEw8jkTAYiMQghsJGbcylXNEUzW 3/o= ---- END SSH2 PUBLIC KEY ----