SFTP Gateway Support

3.0

Encryption Algorithms

Overview

In SFTP Gateway version 3.5.0, we added a section under the Settings page for configuring SFTP encryption algorithms.

Under the Encryption Algorithms section, you can specify exactly which HMACs, Public Keys, SSH2 Ciphers and Key Exchange algorithms that the server supports.

By default, only the PARANOID and STRONG algorithms will be allowed. Clicking Reset to Default will reset to the default configuration as seen in the image above.

In order to make edits, change the mode from Viewing to Editing. Any changes made are saved automatically.

Encryption Algorithm List

HMACs

HMAC implementation is provided by Bouncy Castle.

The following is a list of HMAC algorithms supported by SFTP Gateway:

hmac-sha2-512
hmac-sha2-512-96
hmac-sha2-512-etm@openssh.com 

-- PARANOID SUPPORTS ABOVE -- 

hmac-sha2-256
hmac-sha2-256-96
hmac-sha2-256-etm@openssh.com

-- STRONG SUPPORTS ABOVE -- 

hmac-sha1
hmac-sha1-96
hmac-sha1-etm@openssh.com

-- WEAK SUPPORTS ABOVE --

Public Keys

The following is a list of Public Key algorithms supported by SFTP Gateway:

ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ssh-ed448

-- PARANOID SUPPORTS ABOVE -- 

ecdsa-sha2-nistp256
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521
ecdsa-sha2-nistp521-cert-v01@openssh.com
rsa-sha2-256
rsa-sha2-512

-- STRONG SUPPORTS ABOVE -- 

ssh-dss
ssh-rsa
ssh-rsa-cert-v01@openssh.com

-- WEAK SUPPORTS ABOVE --

SSH2 Ciphers

The following is a list of Encryption Cipher algorithms supported by SFTP Gateway:

aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

-- PARANOID SUPPORTS ABOVE -- 

aes128-ctr
aes192-ctr
aes256-ctr

-- STRONG SUPPORTS ABOVE -- 

3des-ctr

-- WEAK SUPPORTS ABOVE --

Key Exchanges

The following is a list of Key Exchange algorithms supported by SFTP Gateway:

curve25519-sha256
curve25519-sha256@libssh.org
diffie-hellman-group15-sha512
diffie-hellman-group16-sha512
diffie-hellman-group17-sha512
diffie-hellman-group18-sha512

-- PARANOID SUPPORTS ABOVE -- 

diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
rsa2048-sha256

-- STRONG SUPPORTS ABOVE -- 

diffie-hellman-group14-sha1

-- WEAK SUPPORTS ABOVE --
PreviousNext