I have an issue that is slowly driving me crazy: I’ve blocked ports 22 and 222 in the firewall.
ssh -l root xxx.xxx.xxx.xxx (where xxx.xxx.xxx.xxx is the public ip address of my ipfire machine) from outside our company doesn’t do anything, so that part is good.
but ‘ssh -Q key xxx.xxx.xxx.xxx’ results in a list:
−Q query_option
Queries ssh for the algorithms supported for the specified version 2. The available features are: cipher (supported symmetric ciphers), cipher-auth (supported symmetric ciphers that sup- port authenticated encryption), help (supported query terms for use with the −Q flag), mac (sup- ported message integrity codes), kex (key exchange algorithms), key (key types), key-cert (cer- tificate key types), key-plain (non-certificate key types), key-sig (all key types and signature algorithms), protocol-version (supported SSH protocol versions), and sig (supported signa- ture algorithms). Alternatively, any keyword from ssh_config(5) or sshd_config(5) that takes an algorithm list may be used as an alias for the corresponding query_option.