0

I have a technical recommendation for SSH that states we should only use the following algorithms for Public Key authentication. Unfortunately the guide does not mention the exact names of ciphers as they are used in OpenSSH an I have difficulty mapping the two.

Does anyone know what SSH ciphers the following might correlate with:

  • pgp-sign-dss2
  • ecdsa-sha2-*
  • x509v3-rsa2048-sha256 
  • x509v3-ecdsa-sha2-*

The ecdsa-sha2-* are pretty clear to me (mostly nistp stuff that I am not going to use), but I cannot find a mapping for the others (espeically the x509v3- ones.

Does anyone have a good resource on how to map those?

John Nemo
  • 17
  • 3

1 Answers1

0

From my understanding you are asking which SSH ciphers algorithm those "options" are using, this might help you https://www.ssh.com/academy/ssh/sshd_config#:~:text=The%20ciphers%20supported%20in%20OpenSSH,%2Dpoly1305%40openssh.com%20.

I suppose that "x509v3-rsa2048-sha256" means that you are using the RSA Ciphers with a key lentgh of 2048 bit, hashing with sha256 (hash function) and x509v3 could simply be the version of the OpenSSL command you are using (https://www.openssl.org/docs/man1.1.1/man1/x509.html)

I hope it helps you.

Have a nice day.

:)

Niklaus
  • 1