SSH authentication encryption selection
SSH has deprecated the arcfour-hmac encryption type for authentication.
Upon logging into a server, the warning may emit:
Warning: encryption type arcfour-hmac used for authentication is deprecated and will be disabled
Check the SSH client configuration per-user file: “$HOME/.ssh/config”. There is also a system-wide SSH client configuration file that can be edited:
- Linux & macOS:
/etc/ssh/ssh_config - Windows:
$Env:ProgramData/ssh/ssh_config
We have found this is often a server-side configuration issue, particularly when it only occurs with a specific server.
The server may be using an older version of OpenSSH that still supports arcfour-hmac, or it may have been configured to allow this encryption type.
To check settings in the SSH client configuration file, look for lines that specify Ciphers or MACs.
If arcfour-hmac is listed, it should be removed.