Categories
SysOps

How to determine available authentication methods

Determine available authentication methods on the specified OpenSSH server.

Determine authentication methods on the OpenSSH server installed on the Debian Buster using Vagrant.

$ timeout 5 \ 
  ssh -v debian : 2>&1 | \
  grep "Authenticating to\|Authentications that can continue:"
debug1: Authenticating to 127.0.0.1:2222 as 'vagrant'
debug1: Authentications that can continue: publickey

Determine authentication methods on multiple chained OpenSSH servers.

$ timeout 5 \
  ssh -v -J milosz@192.0.2.2 192.0.2.14 : 2>&1 | \
  grep "Authenticating to\|Authentications that can continue:"
debug1: Authenticating to 192.0.2.2:22 as 'milosz'
debug1: Authentications that can continue: publickey
debug1: Authenticating to 192.0.2.14:22 as 'milosz'
debug1: Authentications that can continue: publickey

Determine authentication methods on the OpenSSH server installed on the localhost.

$ timeout 5 \
  ssh -v localhost : 2>&1 | \
  grep "Authenticating to\|Authentications that can continue:"
debug1: Authenticating to localhost:22 as 'laboratory'
debug1: Authentications that can continue: publickey,password,keyboard-interactive

Determine authentication methods on some random OpenSSH server installed on an outdated CentOS operating system.

$ timeout 5 \
  ssh -v 192.0.2.82 : 2>&1 | \
  grep "Authenticating to\|Authentications that can continue:"
debug1: Authenticating to 192.0.2.82:22 as 'milosz'
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password

These commands are handy to verify the correctness of the OpenSSH server configuration.