SSH -Q key access from the red zone

I have an issue that is slowly driving me crazy: I’ve blocked ports 22 and 222 in the firewall.
ssh -l root (where is the public ip address of my ipfire machine) from outside our company doesn’t do anything, so that part is good.

but ‘ssh -Q key’ results in a list:


How can I prevent this from happening? I don’t want it to show this list.

# ssh -Q key
without a IP-Address. you will get the same answer. I assume this option shows the local side, not the remote IPFire.


−Q query_option
Queries ssh for the algorithms supported for the specified version 2. The available features are: cipher (supported symmetric ciphers), cipher-auth (supported symmetric ciphers that sup- port authenticated encryption), help (supported query terms for use with the −Q flag), mac (sup- ported message integrity codes), kex (key exchange algorithms), key (key types), key-cert (cer- tificate key types), key-plain (non-certificate key types), key-sig (all key types and signature algorithms), protocol-version (supported SSH protocol versions), and sig (supported signa- ture algorithms). Alternatively, any keyword from ssh_config(5) or sshd_config(5) that takes an algorithm list may be used as an alias for the corresponding query_option.

Thank you. This seems plausible.