Supported SSH Ciphers

Updated 9 months ago by James Dunn

Here is a list of SSH ciphers we currently support for use with SFTP:

Key Exchange Algorithms:

  • curve25519-sha256@libssh.org
  • curve25519-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group14-sha256
  • diffie-hellman-group15-sha512
  • diffie-hellman-group16-sha512
  • diffie-hellman-group17-sha512
  • diffie-hellman-group18-sha512

Host Key Algorithms:

  • ssh-rsa

Encryption Algorithms:

  • aes128-ctr
  • aes192-ctr
  • aes256-ctr

MAC Algorithms:

  • hmac-sha2-256
  • hmac-sha2-512
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512-etm@openssh.com
  • chacha20-poly1305@openssh.com

Compression Algorithms:

  • none

Deprecated

On December 15, 2021, we discontinued support for the following insecure key exchange algorithms:

  • aes256-gcm
  • aes128-gcm
  • diffie-hellman-group14-sha1

On September 13, 2020, we discontinued support for the following insecure key exchange algorithms:

  • diffie-hellman-group1-sha1
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256


How Did We Do?