SFTP Gateway Support

3.0

Encryption Algorithms

Overview

In SFTP Gateway version 3.5.0, we added a section under the Settings page for configuring SFTP encryption algorithms.

Under the Encryption Algorithms section, you can specify exactly which HMACs, Public Keys, SSH2 Ciphers and Key Exchange algorithms that the server supports.

By default, only the PARANOID and STRONG algorithms will be allowed. Clicking Reset to Default will reset to the default configuration as seen in the image above.

In order to make edits, change the mode from Viewing to Editing. Any changes made are saved automatically.

Encryption Algorithm List

HMACs

HMAC implementation is provided by Bouncy Castle.

The following is a list of HMAC algorithms supported by SFTP Gateway:

hmac-sha2-512
hmac-sha2-512-96
[email protected] 

-- PARANOID SUPPORTS ABOVE -- 

hmac-sha2-256
hmac-sha2-256-96
[email protected]

-- STRONG SUPPORTS ABOVE -- 

hmac-sha1
hmac-sha1-96
[email protected]

-- WEAK SUPPORTS ABOVE --

Public Keys

The following is a list of Public Key algorithms supported by SFTP Gateway:

ssh-ed25519
[email protected]
ssh-ed448

-- PARANOID SUPPORTS ABOVE -- 

ecdsa-sha2-nistp256
[email protected]
ecdsa-sha2-nistp384
[email protected]
ecdsa-sha2-nistp521
[email protected]
rsa-sha2-256
rsa-sha2-512

-- STRONG SUPPORTS ABOVE -- 

ssh-dss
ssh-rsa
[email protected]

-- WEAK SUPPORTS ABOVE --

SSH2 Ciphers

The following is a list of Encryption Cipher algorithms supported by SFTP Gateway:

[email protected]
[email protected]
[email protected]

-- PARANOID SUPPORTS ABOVE -- 

aes128-ctr
aes192-ctr
aes256-ctr

-- STRONG SUPPORTS ABOVE -- 

3des-ctr

-- WEAK SUPPORTS ABOVE --

Key Exchanges

The following is a list of Key Exchange algorithms supported by SFTP Gateway:

curve25519-sha256
[email protected]
diffie-hellman-group15-sha512
diffie-hellman-group16-sha512
diffie-hellman-group17-sha512
diffie-hellman-group18-sha512

-- PARANOID SUPPORTS ABOVE -- 

diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
rsa2048-sha256

-- STRONG SUPPORTS ABOVE -- 

diffie-hellman-group14-sha1

-- WEAK SUPPORTS ABOVE --
PreviousSFTP Gateway 3.0 Security Notes
OSZAR »