Merged
Expand Up @@ -16,6 +16,7 @@ topics:
- Enterprise
- SSH
---

You can execute these commands from anywhere on the VM after signing in as an SSH admin user. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh).

## General
Expand Down Expand Up @@ -140,6 +141,94 @@ This utility applies {% data variables.enterprise.management_console %} settings
ghe-config-apply
```

{% ifversion ghes > 3.18 %}

### ghe-crypto

This utility is used to verify and list {% data variables.enterprise.management_console %} `github-ssl` crypto settings for TLS and SSH connections.

The list of configurable `github-ssl` fields can be viewed via `ghe-crypto --help`.

#### Listing default cipher suites and algorithms

The `list` command returns default crypto settings for a given field. Use the `-o json` flag to output the results in JSON format.

To list TLS 1.2 cipher suites:

```shell
ghe-crypto list tlsv12-ciphersuites
```

To list TLS 1.3 cipher suites:

```shell
ghe-crypto list tlsv13-ciphersuites
```

To list SSH ciphers:

```shell
ghe-crypto list ssh-ciphers
```

To list SSH MAC algorithms:

```shell
ghe-crypto list ssh-mac-algorithms
```

To list SSH key exchange algorithms:

```shell
ghe-crypto list ssh-kex-algorithms
```

To list SSH signature types:

```shell
ghe-crypto list ssh-signature-types
```

Example output in JSON format:

```shell
$ ghe-crypto list tlsv12-ciphersuites -o json
> [
> "ECDHE-ECDSA-AES128-GCM-SHA256",
> "ECDHE-ECDSA-CHACHA20-POLY1305",
> "ECDHE-ECDSA-AES256-GCM-SHA384",
> "ECDHE-RSA-AES128-GCM-SHA256",
> "ECDHE-RSA-CHACHA20-POLY1305",
> "ECDHE-RSA-AES256-GCM-SHA384"
> ]
```

#### Checking cipher suites and algorithms

The `check` command validates a single line of crypto settings delimited by `,`. This is useful before applying configuration changes.

To check TLS 1.2 cipher suites:

```shell
ghe-crypto check tlsv12-ciphersuites CIPHER1,CIPHER2,CIPHER3
```

To check TLS 1.3 cipher suites:

```shell
ghe-crypto check tlsv13-ciphersuites TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256
```

To check SSH ciphers:

```shell
ghe-crypto check ssh-ciphers [email protected],[email protected],[email protected]
```

For more information about configuring cipher suites and cryptographic algorithms, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls#configuring-cipher-suites-and-cryptographic-algorithms).

{% endif %}

### ghe-console

This utility opens the GitHub Rails console on your {% data variables.product.prodname_enterprise %} appliance. {% data reusables.command_line.use_with_support_only %}
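Review bot: The "Checking cipher suites and algorithms" section never shows what `ghe-crypto check` reports for an accepted versus a rejected value, although the `list` section includes example output. Since the text says the check "is useful before applying configuration changes", please add sample output for a passing and a failing input and state the exit status, so an admin can tell a rejection from a success when scripting it. Two smaller points in the same section: `list` is documented for six fields but `check` is shown only for `tlsv12-ciphersuites`, `tlsv13-ciphersuites` and `ssh-ciphers`, so say whether `ssh-mac-algorithms`, `ssh-kex-algorithms` and `ssh-signature-types` can be checked too; and the TLS 1.2 example uses the placeholders `CIPHER1,CIPHER2,CIPHER3` while the TLS 1.3 example uses real suite names, so consider reusing names from the JSON example output above for consistency.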