Please note we have update our SSH client starting with Unimus 2.2.3. The table below applies to version 2.2.3 or newer.

Default Unimus cryptography configuration

Unimus contains its own built-in SSH client. Please note when running on Linux, configuration of your OpenSSH client ("~/.ssh") is NOT applied to Unimus' SSH client.
Currently the Unimus SSH client supports the following cryptography for outbound device connections:

Supported KEX:

curve25519-sha256, curve25519-sha256@libssh.org, diffie-hellman-group-exchange-group14-sha1, diffie-hellman-group14-sha256,
diffie-hellman-group16-sha512, ecdhdiffie-sha2hellman-nistp256group18-sha512, diffie-hellman-group1-sha1,
diffie-hellman-group14group-sha256exchange-sha1, diffie-hellman-group14group-sha1exchange-sha256, ecdh-sha2-nistp521nistp256,
curve25519-sha256@libssh.org, ecdh-sha2-nistp384, curve25519-sha256,
diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1ecdh-sha2-nistp521

Supported ciphers:

aes1923des-cbc, aes1283des-ctr, aes128-cbc, blowfishaes128-cbcctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com,
3des-aes192-cbc, aes192-ctr,
aes256-cbc, aes256-ctr, 3des-ctraes256-gcm@openssh.com, blowfish-cbc

Supported MAC:

hmac-md5-96, hmac-sha1, hmac-sha1-md5-96, hmac-md5sha1, hmac-sha2sha1-51296, hmac-sha1-etm@openssh.com, hmac-sha2-256,
hmac-sha2-256-etm@openssh.com, hmac-sha2-512, hmac-sha2-512-etm@openssh.com

Supported DH size:

DH min: 1024
DH max: 8192

Adjusting supported crypto algorithms

In some environments, you might have requirements on which SSH crypto algos you can use. In this case, you can adjust which algorithms Unimus accepts when connecting to a server.

You can set configuration options in "/etc/default/unimus" or "C:\Program Files\Unimus\Unimus.l4j.ini":

-Dunimus.core.ssh.kex=kex1,kex2,kex3,kex4,...kexX
-Dunimus.core.ssh.cipher=cipher1,cipher2,cipher3,cipher4,...cipherX
-Dunimus.core.ssh.mac=mac1,mac2,mac3,mac4,...macX
-Dunimus.core.ssh.dh-min=1024
-Dunimus.core.ssh.dh-preferred=2048
-Dunimus.core.ssh.dh-max=8192