SSH is a preety secure to use and sometimes in nmpa scan there is a possibilty we dont get the version information for ssh so we can try get its version infromation by ennumerating though and see maybe if there is exploitation or vulnerablitiy with that version or something like that.

With SSH if we try to login then that would be considered exploitation btw.


sometimes with old boxes the ssh might not work for us the normal way so we can do something like and copy one of the offers in the errors found like in the screenshot

ssh -oKexAlgorithms=+Thealgorithmtheyoffered

and then it will show another error that we have to use a cipher or so and they will offer some and do a -c and paste one of them and it should work

This doesnt work many times but sometimes they will show a banner which displays the ssh version information

Sometimes what we have to do is get credentials for the ssh port from another source and then use those credentails for logging in with ssh