Skip to main content
Skip table of contents

SSH: Deprecation of Weak Algorithms as of IGEL Linux 10.04.100

As of IGEL Linux 10.04.100, certain older, less secure algorithms are deprecated in both the SSH client and server.

The following table shows the algorithms enabled by default as of IGEL Linux version 10.04.100.

Key exchange algorithms

  • curve25519-sha256@libssh.org
  • ecdh-sha2-nistp521
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp256
  • diffie-hellman-group-exchange-sha256

Message authentication codes (MACs)

  • hmac-sha2-512-etm@openssh.com
  • hmac-sha2-256-etm@openssh.com
  • umac-128-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-256
  • umac-128@openssh.com

Host keys

  • ssh-ed25519-cert-v01@openssh.com
  • ssh-rsa-cert-v01@openssh.com
  • ssh-ed25519
  • ssh-rsa
  • ecdsa-sha2-nistp521-cert-v01@openssh.com
  • ecdsa-sha2-nistp384-cert-v01@openssh.com
  • ecdsa-sha2-nistp256-cert-v01@openssh.com
  • ecdsa-sha2-nistp521
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp256

If you need to enable weaker algorithms, see Enable Weaker Algorithms in the SSH client and/or How to Enable Weaker Algorithms in the Built-in OpenSSH Server.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close