{"id":13331,"date":"2026-03-19T13:49:22","date_gmt":"2026-03-19T05:49:22","guid":{"rendered":"https:\/\/www.gbase8.cn\/?p=13331"},"modified":"2026-03-26T10:19:31","modified_gmt":"2026-03-26T02:19:31","slug":"ssh%e5%ae%a2%e6%88%b7%e7%ab%af%e5%92%8c%e6%9c%8d%e5%8a%a1%e5%99%a8%e9%97%b4%e7%9a%84%e5%8a%a0%e5%af%86%e7%ae%97%e6%b3%95%e6%98%af%e5%93%aa%e4%b8%80%e6%96%b9%e7%a1%ae%e5%ae%9a%e7%9a%84%ef%bc%9f","status":"publish","type":"post","link":"https:\/\/www.gbase8.cn\/en\/13331","title":{"rendered":"Which party determines the encryption algorithm between the SSH client and server?"},"content":{"rendered":"<p>SSH, scp, and sftp clients and servers both support various encryption algorithms. Although the final decision rests with the server, the algorithm must be present in the client's provided list and also be supported by the server. Therefore, the client needs to list its most desired algorithms first.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Directory Navigation<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2a93fbaea37\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2a93fbaea37\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.gbase8.cn\/en\/13331\/#%E5%8F%82%E8%80%83\" >\u53c2\u8003<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.gbase8.cn\/en\/13331\/#OPENSSH%E7%9B%B8%E5%85%B3%E5%86%85%E5%AE%B9\" >OPENSSH\u76f8\u5173\u5185\u5bb9<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.gbase8.cn\/en\/13331\/#RFC_4253\" >RFC 4253<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.gbase8.cn\/en\/13331\/#%E6%80%BB%E7%BB%93\" >Summary<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8F%82%E8%80%83\"><\/span>\u53c2\u8003<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/ubuntu.com\/server\/docs\/explanation\/crypto\/openssh-crypto-configuration\/\">https:\/\/ubuntu.com\/server\/docs\/explanation\/crypto\/openssh-crypto-configuration\/<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc4253\">https:\/\/www.rfc-editor.org\/rfc\/rfc4253<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"OPENSSH%E7%9B%B8%E5%85%B3%E5%86%85%E5%AE%B9\"><\/span>OPENSSH\u76f8\u5173\u5185\u5bb9<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"138\" src=\"https:\/\/www.gbase8.cn\/wp-content\/uploads\/2026\/03\/image.png\" alt=\"\" class=\"wp-image-13332\"\/><\/figure>\n\n\n\n<p>The first algorithm in the list (that the\u00a0<strong>client<\/strong>\u00a0offers to the server) that matches an offer from the server, is what will be selected.\u00a0<\/p>\n\n\n\n<p>\u670d\u52a1\u5668\u7b97\u6cd5\u5217\u8868\u4e2d\uff0c\u7b2c\u4e00\u4e2a\u4e0e\u5ba2\u6237\u7aef\u63d0\u4f9b\u7ed9\u670d\u52a1\u5668\u7684\u7b97\u6cd5\u5217\u8868\u5339\u914d\u7684\u88ab\u9009\u4e2d\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"RFC_4253\"><\/span>RFC 4253<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"502\" height=\"126\" src=\"https:\/\/www.gbase8.cn\/wp-content\/uploads\/2026\/03\/image-1.png\" alt=\"\" class=\"wp-image-13334\"\/><\/figure>\n\n\n\n<p>The first algorithm on the client's name-list that satisfies the requirements and is also supported by the server MUST be chosen.<\/p>\n\n\n\n<p>\u5ba2\u6237\u7aef\u7b97\u6cd5\u5217\u8868\u91cc\uff0c\u7b2c\u4e00\u4e2a\u670d\u52a1\u7aef\u4e5f\u652f\u6301\u7684\uff0c\u3010\u5fc5\u987b\u3011\u88ab\u9009\u4e2d\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%80%BB%E7%BB%93\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>\u4ece\u8fd92\u4e2a\u6807\u51c6\u53ef\u4ee5\u770b\u5230\uff0c\u5ba2\u6237\u7aef\u63d0\u4f9b\u7b97\u6cd5\u5217\u8868\u4e2d\uff0c\u5982\u679c\u670d\u52a1\u5668\u4e5f\u652f\u6301\uff0c\u5219\u9760\u524d\u7684\u88ab\u9009\u4e2d\u3002<\/p>\n\n\n\n<p>\u5ba2\u6237\u7aef\uff1a A,B,C,D,E<\/p>\n\n\n\n<p>\u670d\u52a1\u5668\uff1aB,C,D,E,A<\/p>\n\n\n\n<p>\u6700\u7ec8\u547d\u4e2d\uff1aA<\/p>\n\n\n\n<p>\u56e0\u4e3aA\u5728\u5ba2\u6237\u7aef\u5217\u8868\u91cc\u7684\u7b2c\u4e00\u4e2a\uff0c\u540c\u65f6\u4e5f\u662f\u670d\u52a1\u5668\u7aef\u652f\u6301\u7684\u3002\u6240\u4ee5\u5ba2\u6237\u7aef\u5982\u679c\u5bf9\u67d0\u4e2a\u6216\u67d0\u4e9b\u7b97\u6cd5\u6709\u66f4\u9ad8\u671f\u671b\uff0c\u5219\u8981\u628a\u8be5\u7b97\u6cd5\u653e\u5728\u524d\u9762\u3002<\/p>","protected":false},"excerpt":{"rendered":"<p>SSH, scp, and sftp clients and servers both support various encryption algorithms. Although the final decision rests with the server, the algorithm must be present in the client's provided list and also be supported by the server. Therefore, the client needs to list its most desired algorithms first.<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[72],"class_list":["post-13331","post","type-post","status-publish","format-standard","hentry","category-1","tag-linux"],"_links":{"self":[{"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/posts\/13331","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/comments?post=13331"}],"version-history":[{"count":5,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/posts\/13331\/revisions"}],"predecessor-version":[{"id":13338,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/posts\/13331\/revisions\/13338"}],"wp:attachment":[{"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/media?parent=13331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/categories?post=13331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gbase8.cn\/en\/wp-json\/wp\/v2\/tags?post=13331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}