What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Which encryption algorithms do PRTG SSH sensors support?

Votes:

0

The connection of SSH sensors does not work or new SSH Sensors cannot be added. Which encryption algorithms do PRTG SSH Sensors support?

cipher encryption prtg security ssh ssh-key

Created on Jun 2, 2022 12:26:18 PM by  Felix Saure [Paessler Support]

Last change on Jun 2, 2022 12:26:18 PM



1 Reply

Votes:

0

This article applies as of PRTG 22.2.76


The default SSH connection mode supports:

Cipher• aes128-ctr
[email protected]
• aes192-ctr
• aes256-ctr
[email protected]
Mac• hmac-sha2-256
[email protected]
• hmac-sha2-512
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
Kex• curve25519-sha256
[email protected]
• diffie-hellman-group14-sha256
• diffie-hellman-group16-sha512
• diffie-hellman-group18-sha512
• diffie-hellman-group-exchange-sha256
• ecdh-sha2-nistp256
• ecdh-sha2-nistp384
• ecdh-sha2-nistp521
[email protected]
Host Keys• ecdsa-sha2-nistp256
[email protected]
• ecdsa-sha2-nistp384
[email protected]
• ecdsa-sha2-nistp521
[email protected]
• rsa-sha2-256
[email protected]
• rsa-sha2-512
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
• ssh-ed25519
[email protected]
• ssh-rsa
[email protected]

The compatibility SSH connection mode is only listed for reference, since it's already deprecated and will be removed in the future:

Cipher• aes192-cbc
• aes256-cbc
Mac• hmac-sha1
Kex• diffie-hellman-group1-sha1
• diffie-hellman-group14-sha1
Host Keys• ssh-rsa
• ssh-dss

Additional Notes:

  • Always ensure that you use the matching SSH-Key. DSS-Keys do not work.
  • The SSH Sensors use a fallback to SHA1/SSH-RSA if the modern algorithms do not work. Just if you see an error in your logs pointing to these older ones.

In case you have any questions or concerns, reach out to [email protected].

Created on Jun 2, 2022 12:43:27 PM by  Felix Saure [Paessler Support]

Last change on Jun 2, 2022 12:43:27 PM




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.