SSH Protocol Support
ZestSSH implements the SSH-2 protocol for secure remote connections. This page documents the protocol details and supported features.
Protocol Version
Section titled “Protocol Version”ZestSSH supports SSH-2 (RFC 4253 and related RFCs). SSH-1 is not supported due to known security vulnerabilities.
Supported Features
Section titled “Supported Features”| Feature | Status |
|---|---|
| Password authentication | Supported |
| Public key authentication | Supported |
| Keyboard-interactive authentication | Supported |
| FIDO2 / security key authentication | Supported |
| OpenSSH certificate authentication | Supported |
| SSH agent forwarding | Supported |
| Local port forwarding | Supported (Pro) |
| Remote port forwarding | Supported (Pro) |
| Dynamic port forwarding (SOCKS5) | Supported (Pro) |
| SFTP subsystem | Supported |
| Terminal emulation (xterm-256color) | Supported |
| Keep-alive packets | Supported |
| Host key verification and caching | Supported |
| Jump host / ProxyJump | Supported (Pro) |
Host Key Types
Section titled “Host Key Types”ZestSSH verifies and caches server host keys. Supported host key types:
ssh-ed25519ecdsa-sha2-nistp256ecdsa-sha2-nistp384ecdsa-sha2-nistp521rsa-sha2-512rsa-sha2-256ssh-rsa(legacy, for older servers)
Algorithm Details
Section titled “Algorithm Details”For the complete list of ciphers, key exchange algorithms, and MAC algorithms, see Ciphers & Algorithms.