Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

ddremiere@oxya.com

Key Exchange

Hi,
due to security requirements I have been asked to only use below KEX to connect to an SFTP site:
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521

Following ones are refused:
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
rsa1024-sha1

KEX names available in WinSCP (found for KEX parameter in https://winscp.net/eng/docs/rawsettings) are all with SHA-1 except ECDH.
But is it ECDH SHA-1 or SHA-2?

If SHA-1, it means I have to choose another SFTP ftp software, right?
Thx in advance
Regards
Daniel