OpenSSH default/preferred ciphers, hash, etc for SSH2

The default algorithms (that is, the algorithms which the client and server prefer to use when given the choice) depend on the client and server implementations, how they were compiled and configured. So it may depend on the software vendor, software version, operating system distribution, and sysadmin choices.

On an Ubuntu 12.10, man ssh_config indicates that the default order for encryption is:

            aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
            aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
            aes256-cbc,arcfour

while the default order for MAC (integrity) is:

            hmac-md5,hmac-sha1,[email protected],
            hmac-ripemd160,hmac-sha1-96,hmac-md5-96,
            hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,
            hmac-sha2-512-96

The key exchange algorithm would follow this order of preference:

            ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
            diffie-hellman-group-exchange-sha256,
            diffie-hellman-group-exchange-sha1,
            diffie-hellman-group14-sha1,
            diffie-hellman-group1-sha1

Of course, preferences are subject to negotiation. An algorithm will be selected only if both the client and server support it (in particular, ECDH key exchange support is rather recent), and both client and server have their say in it (if they do not have the exact same preferences).

A survey is theoretically doable: connect to random IP address, and, if a SSH server responds, work out its preferred list of ciphers and MAC (by connecting multiple times, restricting the list of choices announced by the client). OpenSSH makes usage surveys but they are not as thorough (they just want the server "banner").

Have you looked at the manual? A quick Ctrl-F for 'default' revealed many of the answers you are looking for:

• key length: 1024
• 3DES
• SSH2
• ...