
KEX and Host Key Algorithms in SSH


What are KEX and Host Key Algorithms?

KEX is short for Key Exchange: the algorithm the client and server use to agree on the shared secret from which the session's encryption keys are derived. Examples are the older 'diffie-hellman-group-exchange-sha1' and the modern 'ecdh-sha2-nistp521'.

Public key or server host key: the asymmetric algorithm of the server's host key pair, which the server uses to prove its identity to the client. Examples are 'ssh-rsa' and the elliptic-curve 'ecdsa-sha2-nistp521'.

How to find the KEX (Key Exchange) and Host Key Algorithms in SSH?

1. SSH from one Linux machine to another in verbose mode to see the negotiation in detail.

[root@linux ~]# ssh username@linux_machine_IP -vvv

2. The negotiated KEX and host key algorithms appear in the debug1-level lines of the output. Example KEX and host key algorithm lines:

debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
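The two debug1 lines above are the ones worth capturing when you audit a fleet. The following script, added here as an example and not part of the original article, pulls the negotiated pair out of `ssh -vvv` output and flags SHA-1 or group1 choices. The log text in SAMPLE_LOG is constructed for the example (ssh writes these diagnostics to stderr, so a live capture is `ssh -vvv user@host 2>&1 | negotiated_algorithms`); the script itself opens no connection.

```shell
#!/bin/sh
# Added example (not from the original article): extract the negotiated KEX
# and host key algorithm from `ssh -vvv` output.  SAMPLE_LOG is constructed
# for this example; on a real client the diagnostics go to stderr, so the
# equivalent live invocation is
#     ssh -vvv user@host 2>&1 | negotiated_algorithms
# Nothing in this script opens a connection.

SAMPLE_LOG='debug1: Connecting to 192.0.2.10 [192.0.2.10] port 22.
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,ecdsa-sha2-nistp256
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none'

# Read a verbose ssh log on stdin and print "kex=<alg> hostkey=<alg>".
# Only the debug1 "kex:" lines carry the result of the negotiation; the debug2
# proposal lines list everything each side offered, so they are ignored.
# Returns 1 (with a message on stderr) when the log has no negotiation lines.
negotiated_algorithms() {
    log=$(cat)
    kex=$(printf '%s\n' "$log" | sed -n 's/^debug1: kex: algorithm: //p' | head -n 1)
    hostkey=$(printf '%s\n' "$log" | sed -n 's/^debug1: kex: host key algorithm: //p' | head -n 1)
    if [ -z "$kex" ] || [ -z "$hostkey" ]; then
        echo "no 'debug1: kex:' lines found; run ssh with -v and capture stderr" >&2
        return 1
    fi
    printf 'kex=%s hostkey=%s\n' "$kex" "$hostkey"
}

# Flag a negotiated KEX that relies on SHA-1 or the 1024-bit group1 (entries
# the article's `ssh -Q kex` list still offers); returns 0 when clean.
warn_if_legacy() {
    case "$1" in
        *sha1|*group1-*) echo "warning: legacy KEX negotiated: $1" >&2; return 1 ;;
    esac
    return 0
}

# Stand-alone demo over the constructed log.
result=$(printf '%s\n' "$SAMPLE_LOG" | negotiated_algorithms)
echo "$result"
kex_only=${result%% *}
warn_if_legacy "${kex_only#kex=}" || true
```

Run it once per host and diff the results against the algorithms you expect sshd_config to enforce; a host still negotiating a SHA-1 exchange is one whose configuration change did not take effect.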

How to change the KEX and host key algorithm on the server machine?

1. Edit the sshd_config file and add the KexAlgorithms and HostKeyAlgorithms directives shown below.

[root@server ~]# vim /etc/ssh/sshd_config

KexAlgorithms diffie-hellman-group16-sha512
HostKeyAlgorithms rsa-sha2-512

2. Restart the sshd service so the changes to sshd_config take effect.

[root@server ~]# systemctl restart sshd

3. SSH from the client machine to the server machine to view the changed KEX and host key algorithms.

[root@linux ~]# ssh username@linux_machine_IP -vvv

debug1: kex: algorithm: diffie-hellman-group16-sha512
debug1: kex: host key algorithm: rsa-sha2-512
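Step 1 says to append the two directives, which works on a stock sshd_config but not on every file: for these keywords sshd uses the first occurrence it reads, so a line appended below an existing KexAlgorithms line is silently ignored, and a line appended after a Match block header is treated as part of that block, where these keywords are not allowed and make the config invalid. The script below, added as an example and not part of the original article, applies the change in a way that respects both rules. It operates on a constructed config in a temporary file and assumes the usual "Keyword value" syntax rather than "Keyword=value".

```shell
#!/bin/sh
# Added example (not from the original article): set a KexAlgorithms or
# HostKeyAlgorithms directive in an sshd_config file so that it takes effect.
# Two sshd_config rules matter: for these keywords the FIRST occurrence wins,
# so a line appended below an existing one is ignored; and any line after a
# "Match" header belongs to that block, where sshd does not accept these
# keywords.  The function therefore removes existing active settings and
# inserts the new line before the first Match.  Assumes "Keyword value" form.

# set_sshd_directive FILE KEYWORD VALUE
set_sshd_directive() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp)
    awk -v key="$key" -v value="$value" '
        BEGIN { lk = tolower(key); done = 0 }
        # drop every existing active (uncommented) setting of the keyword
        tolower($1) == lk { next }
        # insert ahead of the first Match block header
        tolower($1) == "match" && !done { print key " " value; done = 1 }
        { print }
        END { if (!done) print key " " value }
    ' "$file" > "$tmp" && mv "$tmp" "$file"
}

# effective_sshd_directive FILE KEYWORD
# Print the value sshd will use: the first active line before any Match block.
effective_sshd_directive() {
    awk -v lk="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        tolower($1) == "match" { exit }
        tolower($1) == lk { print $2; exit }
    ' "$1"
}

# Stand-alone demo on a constructed config (never touches /etc/ssh).
demo_sshd_edit() {
    cfg=$(mktemp)
    printf '%s\n' \
        'Port 22' \
        '#KexAlgorithms curve25519-sha256' \
        'KexAlgorithms diffie-hellman-group1-sha1' \
        'Match User backup' \
        '    PasswordAuthentication no' > "$cfg"
    set_sshd_directive "$cfg" KexAlgorithms diffie-hellman-group16-sha512
    set_sshd_directive "$cfg" HostKeyAlgorithms rsa-sha2-512
    echo "--- resulting config ---"
    cat "$cfg"
    echo "--- effective values ---"
    echo "KexAlgorithms:     $(effective_sshd_directive "$cfg" KexAlgorithms)"
    echo "HostKeyAlgorithms: $(effective_sshd_directive "$cfg" HostKeyAlgorithms)"
    rm -f "$cfg"
}
demo_sshd_edit
# On the real file, validate before restarting:  sshd -t && systemctl restart sshd
```

The commented `#KexAlgorithms` line is left alone, the stale group1 line is removed, and both new directives land above `Match User backup`. Run `sshd -t` against the real file before step 2: `systemctl restart sshd` stops the running daemon first, so a config that sshd rejects leaves the host without SSH access.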

How to view the list of KEX and key algorithms supported on the Linux server?

  • How to list the supported key types on the Linux server?

[root@linux ~]# ssh -Q key

ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com

  • How to list the supported KEX algorithms on the Linux server?

[root@linux ~]# ssh -Q kex

diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
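The `ssh -Q kex` list is the set of names this build accepts; a KexAlgorithms value containing anything else is rejected by sshd, which is why it pays to check the value against the list before the restart step. The script below, added as an example and not part of the original article, does that check and also marks the SHA-1 and group1 exchanges that the list above still offers. SUPPORTED_KEX is copied from the output above; on a live host replace it with `$(ssh -Q kex)`. The name `example-kex-not-built-in` is a constructed placeholder.

```shell
#!/bin/sh
# Added example (not from the original article): check a proposed
# KexAlgorithms value against what the server's ssh build supports before
# putting it in sshd_config.  A name the build does not know makes sshd reject
# the config (sshd -t reports it), so check before restarting.
# SUPPORTED_KEX is copied from the `ssh -Q kex` output in the article; on a
# live host use:  SUPPORTED_KEX=$(ssh -Q kex)

SUPPORTED_KEX='diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org'

# audit_kex_list "<newline-separated supported list>" "<comma-separated proposal>"
# Prints "<name> ok|weak|unsupported" per proposed entry.  "weak" marks the
# SHA-1 and 1024-bit group1 exchanges.  Returns 1 if anything is not "ok".
audit_kex_list() {
    supported=$1; proposed=$2; rc=0
    for alg in $(printf '%s' "$proposed" | tr ',' ' '); do
        if ! printf '%s\n' "$supported" | grep -qxF -- "$alg"; then
            printf '%s unsupported\n' "$alg"; rc=1
        elif printf '%s\n' "$alg" | grep -qE -- 'sha1$|group1-'; then
            printf '%s weak\n' "$alg"; rc=1
        else
            printf '%s ok\n' "$alg"
        fi
    done
    return $rc
}

# Stand-alone demo; "example-kex-not-built-in" is a constructed name.
audit_kex_list "$SUPPORTED_KEX" \
    'curve25519-sha256,diffie-hellman-group16-sha512,diffie-hellman-group14-sha1,example-kex-not-built-in' || true
```

The check covers KEX only: `ssh -Q key` lists key types, not the rsa-sha2-* signature names used in HostKeyAlgorithms, so that directive is best validated with `sshd -t`.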

