Skip to content
Advertisement

On sshd server how can I see what connection what cipher is using?

I’m administrating a ssh server, serving multiple users. Some asked to be available to use a cipher “arcfour”, so I enabled it.

But I am now trying to actually see which connection and user is using it. Is there a way to list the connections with the information about the cipher used in each connection?

Thanks

Advertisement

Answer

You need to set the LogLevel DEBUG in the server sshd_config. Then you should see messages as

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]

Saying what Cipher, MAC and compression is used during the connection.

User contributions licensed under: CC BY-SA
10 People found this is helpful
Advertisement