Key Exchange Security

Supported Key Types

Prompt currently supports keys of the following types for both host key verification and client key exchange:

  • DSA
  • ECDSA
  • Ed25519
  • RSA

in both PEM and OpenSSH formats where applicable.

Importing

If Prompt detects a public key (ex., id_rsa.pub) or anything that doesn’t exactly match the format of supported private keys, it won’t offer to let you import from the clipboard. If you already have a PuTTY key (in the PPK format), you can convert it by following these instructions under the Dealing with Private Keys in Other Formats section, then import the resulting OpenSSH private key into Prompt.

Supported Exchange/Security Methods

KexAlgorithms

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group1-sha1
  • diffie-hellman-group-exchange-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521

Cyphers

  • aes128-ctr
  • aes192-ctr
  • aes256-ctr
  • aes128-cbc
  • aes192-cbc
  • aes256-cbc
  • blowfish-cbc
  • arcfour
  • arcfour128
  • cast128-cbc
  • 3des-cbc

MACs

  • sha2-512-etm@openssh.com
  • sha2-512
  • sha2-256-etm@openssh.com
  • sha2-256
  • sha1
  • sha1 96
  • ripemd160

Last updated August 31, 2016