In Autumn 2022, I scanned ~250k random SSH hosts.
Most popular SSH server banners:
44364 serv_banner: SSH-2.0-OpenSSH_7.4
26942 serv_banner: SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
20928 serv_banner: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.7
20743 serv_banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
15670 serv_banner: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5
12189 serv_banner: SSH-2.0-OpenSSH_5.3
9309 serv_banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
8168 serv_banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
7497 serv_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
7482 serv_banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
7029 serv_banner: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
6746 serv_banner: SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
6457 serv_banner: SSH-2.0-OpenSSH_8.0
6281 serv_banner: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
5798 serv_banner: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
5755 serv_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
2888 serv_banner: SSH-2.0-OpenSSH_8.4p1 Debian-5
2446 serv_banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
2258 serv_banner: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u8
2238 serv_banner: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.6
1689 serv_banner: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
1627 serv_banner: SSH-2.0-OpenSSH_8.9
1465 serv_banner: SSH-2.0-OpenSSH_9.0
1116 serv_banner: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u6
1066 serv_banner: SSH-2.0-OpenSSH_6.6.1
963 serv_banner: SSH-2.0-OpenSSH_7.9 FreeBSD-20200214
889 serv_banner: SSH-2.0-OpenSSH_8.2p1
784 serv_banner: SSH-2.0-OpenSSH_8.6
761 serv_banner: SSH-2.0-OpenSSH_7.6p1
739 serv_banner: SSH-2.0-OpenSSH_8.8
680 serv_banner: SSH-2.0-OpenSSH_7.9p1
663 serv_banner: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
616 serv_banner: SSH-2.0-OpenSSH_8.5
566 serv_banner: SSH-2.0-OpenSSH_8.4p1
542 serv_banner: SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
530 serv_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
448 serv_banner: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
405 serv_banner: SSH-2.0-OpenSSH_7.2p2
390 serv_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
KEX algorithms offered:
242516 kex_algorithms: diffie-hellman-group-exchange-sha256
228863 kex_algorithms: curve25519-sha256@libssh.org
225829 kex_algorithms: ecdh-sha2-nistp256
225687 kex_algorithms: ecdh-sha2-nistp384
225587 kex_algorithms: ecdh-sha2-nistp521
190201 kex_algorithms: diffie-hellman-group14-sha256
190193 kex_algorithms: diffie-hellman-group16-sha512
189987 kex_algorithms: diffie-hellman-group18-sha512
183742 kex_algorithms: curve25519-sha256
147229 kex_algorithms: diffie-hellman-group14-sha1
59194 kex_algorithms: diffie-hellman-group-exchange-sha1
53329 kex_algorithms: diffie-hellman-group1-sha1
8969 kex_algorithms: sntrup761x25519-sha512@openssh.com
354 kex_algorithms: diffie-hellman-group15-sha512
271 kex_algorithms: ext-info-s
119 kex_algorithms: diffie-hellman-group17-sha512
89 kex_algorithms: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
86 kex_algorithms: gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==
82 kex_algorithms: sntrup4591761x25519-sha512@tinyssh.org
80 kex_algorithms: curve448-sha512
76 kex_algorithms: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==
56 kex_algorithms: ecdh-sha2-1.3.132.0.10
35 kex_algorithms: sm2kep-sha2-nistp256
23 kex_algorithms: gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==
18 kex_algorithms: rsa1024-sha1
17 kex_algorithms: rsa2048-sha256
17 kex_algorithms: gss-group15-sha512-toWM5Slw5Ew8Mqkay+al2g==
15 kex_algorithms: gss-group14-sha1-
15 kex_algorithms: gss-gex-sha1-
6 kex_algorithms: gss-nistp256-sha256-toWM5Slw5Ew8Mqkay+al2g==
6 kex_algorithms: gss-group16-sha512-toWM5Slw5Ew8Mqkay+al2g==
6 kex_algorithms: gss-curve25519-sha256-toWM5Slw5Ew8Mqkay+al2g==
4 kex_algorithms: gss-group1-sha1-
Server host algorithms offered:
242939 server_host_algorithms: ssh-rsa
226943 server_host_algorithms: rsa-sha2-256
226712 server_host_algorithms: rsa-sha2-512
219872 server_host_algorithms: ssh-ed25519
219622 server_host_algorithms: ecdsa-sha2-nistp256
28921 server_host_algorithms: ssh-dss
4027 server_host_algorithms: ssh-rsa-cert-v01@openssh.com
899 server_host_algorithms: ecdsa-sha2-nistp521
848 server_host_algorithms: ssh-ed25519-cert-v01@openssh.com
435 server_host_algorithms: rsa-sha2-512-cert-v01@openssh.com
435 server_host_algorithms: rsa-sha2-256-cert-v01@openssh.com
165 server_host_algorithms: ssh-rsa-sha256@ssh.com
94 server_host_algorithms: ecdsa-sha2-nistp384
63 server_host_algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com
MAC algorithms offered:
249189 mac_algorithms: hmac-sha2-256 248216 mac_algorithms: hmac-sha2-512 229440 mac_algorithms: hmac-sha2-256-etm@openssh.com 229080 mac_algorithms: hmac-sha2-512-etm@openssh.com 225752 mac_algorithms: umac-128-etm@openssh.com 223541 mac_algorithms: umac-128@openssh.com 222549 mac_algorithms: hmac-sha1 211784 mac_algorithms: umac-64@openssh.com 209310 mac_algorithms: hmac-sha1-etm@openssh.com 202309 mac_algorithms: umac-64-etm@openssh.com 26895 mac_algorithms: hmac-ripemd160 25546 mac_algorithms: hmac-ripemd160@openssh.com 16434 mac_algorithms: hmac-sha1-96 16233 mac_algorithms: hmac-md5 15609 mac_algorithms: hmac-md5-96 5578 mac_algorithms: hmac-sha1-96-etm@openssh.com 5569 mac_algorithms: hmac-md5-etm@openssh.com 5556 mac_algorithms: hmac-md5-96-etm@openssh.com 5295 mac_algorithms: hmac-ripemd160-etm@openssh.com 1433 mac_algorithms: hmac-sha2-256-96 1377 mac_algorithms: hmac-sha2-512-96
Encryption algorithms offered:
252229 encryption_algorithms: aes256-ctr
251869 encryption_algorithms: aes128-ctr
244078 encryption_algorithms: aes192-ctr
222625 encryption_algorithms: aes128-gcm@openssh.com
222599 encryption_algorithms: chacha20-poly1305@openssh.com
222458 encryption_algorithms: aes256-gcm@openssh.com
62487 encryption_algorithms: aes256-cbc
62383 encryption_algorithms: aes128-cbc
55496 encryption_algorithms: aes192-cbc
55302 encryption_algorithms: 3des-cbc
52355 encryption_algorithms: blowfish-cbc
51794 encryption_algorithms: cast128-cbc
17841 encryption_algorithms: rijndael-cbc@lysator.liu.se
17445 encryption_algorithms: arcfour256
17363 encryption_algorithms: arcfour128
14864 encryption_algorithms: arcfour
320 encryption_algorithms: 3des-ctr
258 encryption_algorithms: twofish256-cbc
258 encryption_algorithms: twofish128-cbc
237 encryption_algorithms: twofish-cbc
185 encryption_algorithms: twofish192-cbc
171 encryption_algorithms: twofish256-ctr
171 encryption_algorithms: twofish128-ctr
168 encryption_algorithms: twofish192-ctr
126 encryption_algorithms: none
119 encryption_algorithms: des-cbc
104 encryption_algorithms: AEAD_AES_128_GCM
98 encryption_algorithms: AEAD_AES_256_GCM
57 encryption_algorithms: rijndael256-cbc
56 encryption_algorithms: blowfish-ctr
55 encryption_algorithms: rijndael192-cbc
55 encryption_algorithms: rijndael128-cbc
47 encryption_algorithms: aes256-gcm
47 encryption_algorithms: aes128-gcm
11 encryption_algorithms: des
10 encryption_algorithms: 3des
RSA modulus in case of RSA negotiation:
180007 binlog(RSA_modulus_n): 2048 65593 binlog(RSA_modulus_n): 3072 2965 binlog(RSA_modulus_n): 4096 1495 binlog(RSA_modulus_n): 1024
No, RSA GCD attack is not possible anymore. But even if you could factor SSH server's RSA key, you only could mount MITM attack. For logging into server, you still need to know login/password or have login/private key pair + corresponding public key on server in $HOME/.ssh/authorized_keys file.
My other blog posts about SSH protocol dissected: 1, 2, 3, 4.
Yes, I know about these lousy Disqus ads. Please use adblocker. I would consider to subscribe to 'pro' version of Disqus if the signal/noise ratio in comments would be good enough.