KB-6844: How to determine the active ciphers on Centrify-enabled OpenSSH
Applies To: All versions of Centrify-Enabled OpenSSH on all platforms
Question: Is there a way to determine the active ciphers on a running Centrify-enabled OpenSSH server?
Answer: The active ciphers can be configured as needed in Centrify-enabled OpenSSH using the same parameters used on stock OpenSSH which it is based on. Because the roots of Centrify-enabled OpenSSH are in the stock version it is bound by the same design parameters. As a result there is no simple way to determine the active ciphers aside from viewing what's defined in the sshd_config file.
Start sshd demon in debug mode, wait for few seconds, then stop the process. Review the log that is created. Near the top of the file you should see the active ciphers. This information comes from: KB-4276: How to enable SSH trace and Putty logs