I'm administrating a ssh server, serving multiple users. Some asked to be available to use a cipher "arcfour", so I enabled it.
But I am now trying to actually see which connection and user is using it. Is there a way to list the connections with the information about the cipher used in each connection?
You need to set the
LogLevel DEBUG in the server
sshd_config. Then you should see messages as
debug1: kex: client->server cipher: email@example.com MAC: <implicit> compression: none [preauth] debug1: kex: server->client cipher: firstname.lastname@example.org MAC: <implicit> compression: none [preauth]
Saying what Cipher, MAC and compression is used during the connection.