Hi, looking through the key specification, you can see that its the second field in the key file: https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11 It looks like there is no convenient way to get this information with openssh cli, but given that the file format is just base64 encoded, you can read it out with something like this: $ cat /tmp/rsa | head -n -1 | tail -n +2 | base64 -d | hexdump -C | head -n 2 00000000 6f 70 65 6e 73 73 68 2d 6b 65 79 2d 76 31 00 00 |openssh-key-v1..| 00000010 00 00 0a 61 65 73 32 35 36 2d 63 74 72 00 00 00 |...aes256-ctr...| In this case, this key is aes256-ctr encrypted. Jakub On Mon, Jan 22, 2024 at 5:27 PM SCOTT FIELDS <Scott.Fields@xxxxxxxxxxx> wrote: > > > > As part of audit due diligence, we need to determine which cipher was used to encrypt OpenSSH private keys, but I don't see any command option to view this for a given SSH private key file. > > > Scott > > Kyndryl > > Senior Lead SRE – BNSF > > > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev