Topic review

hsyam

Re: Support of MAC algorithm in WinSCP

The background is we exchange file with a bank and they requested us to update the MAC algorithm as above.

martin wrote:

If ETM variant is in use, the message would say:

Initialised HMAC-SHA-256 outbound MAC algorithm (in ETM mode)

So "Initialised HMAC-SHA-256 outbound MAC algorithm" should mean "hmac-sha2-256" is in use?

And yes, ETM is MORE SECURE.

I googled and also found this conclusion, so I do not know why they allow "hmac-sha2-256" while disallowing "hmac-sha2-256-etm@openssh.com".
martin

Re: Support of MAC algorithm in WinSCP

The "service provider" does not tell us anything about what the "provider" has to do with the connection. Do they run the server?

If ETM variant is in use, the message would say:

Initialised HMAC-SHA-256 outbound MAC algorithm (in ETM mode)

Of course, when the ETM is disabled by the server, WinSCP won't (cannot) use it.

And yes, ETM is MORE SECURE.
hsyam

Re: Support of MAC algorithm in WinSCP

My service provider requests that we disable some algorithms and only allow the use of some, as below.

Algorithms to disable
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512-etm@openssh.com
  • hmac-sha2-256-etm

Algorithms to allow
  • hmac-sha256
  • hmac-sha256@ssh.com
  • hmac-sha2-256

  1. From the log "Initialised HMAC-SHA-256 outbound MAC algorithm", can we know whether "hmac-sha2-256" or "hmac-sha2-256-etm@openssh.com" is in use?
  2. From the log "Initialised HMAC-SHA-256 outbound MAC algorithm", we would conclude that either "hmac-sha2-256" or "hmac-sha2-256-etm@openssh.com" must be in use. In case "hmac-sha2-256-etm@openssh.com" is disabled while "hmac-sha2-256" is kept by the provider, should "hmac-sha2-256" automatically be used on my side?
  3. Is the ETM version more secure? I.e., is "hmac-sha2-256-etm@openssh.com" better than "hmac-sha2-256"?
martin

Re: Support of MAC algorithm in WinSCP


  1. Yes, distinct, but related
  2. Yes, both are supported
  3. SHA-256 and SHA2-256 are the same thing
  4. MAC algorithms are not configurable – disable them on the server, if you do not want to use them

What's wrong with ETM?
Guest

Support of MAC algorithm in WinSCP

My client needs to harden the MAC algorithm used for the connection, by disallowing "hmac-sha2-256-etm@openssh.com" while allowing "hmac-sha2-256". I checked the link https://winscp.net/eng/docs/ssh_algorithms and used the command WinSCP /info; the supported MAC algorithms are listed below.
SSH MAC algorithms:
hmac-sha2-256 (hmac-sha2-256-etm@openssh.com)
hmac-sha2-512 (hmac-sha2-512-etm@openssh.com)
hmac-sha1 (hmac-sha1-etm@openssh.com)
hmac-sha1-96 (hmac-sha1-96-etm@openssh.com)
hmac-md5 (hmac-md5-etm@openssh.com)

My questions are:

  1. Are "hmac-sha2-256" and "hmac-sha2-256-etm@openssh.com" two distinct (but related?) algorithms?
  2. From the above table, does the item "hmac-sha2-256 (hmac-sha2-256-etm@openssh.com)" mean that "hmac-sha2-256" and "hmac-sha2-256-etm@openssh.com" are both supported, rather than "hmac-sha2-256" being supported only in the form of "hmac-sha2-256-etm@openssh.com"?
  3. I checked the log for the MAC algorithm in use and found "Initialised HMAC-SHA-256 outbound MAC algorithm". What does this mean? Does it mean "hmac-sha-256", "hmac-sha2-256", or something else is supported?
  4. I found in a post that the MAC algorithm is not configurable in WinSCP (https://winscp.net/forum/viewtopic.php?t=25983); is this still true? Is the MAC algorithm to be used negotiated during the connection with the client, so that we cannot force a specific one to be used?
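The two points the thread turns on, as an added example that is not WinSCP's or the forum's own code: how the SSH MAC choice is negotiated (so dropping the ETM name on the server makes the plain name win), and why the ETM variant is the stronger one (the receiver checks the tag over ciphertext before decrypting). The client preference list, the server allow lists, the key and the toy XOR "cipher" are all constructed for illustration; the client list is assumed to offer each ETM name ahead of its plain counterpart, as the /info pairs quoted above suggest.

```python
import hashlib
import hmac
import struct

# Constructed client proposal, derived from the /info pairs quoted in the
# thread; the ETM name is assumed to be offered ahead of the plain one.
CLIENT_MACS = [
    "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256",
    "hmac-sha2-512-etm@openssh.com", "hmac-sha2-512",
    "hmac-sha1-etm@openssh.com", "hmac-sha1",
]

def negotiate_mac(client_macs, server_macs):
    """RFC 4253 rule: the first name in the client's list that the server
    also offers wins; None means no common MAC and the connection fails."""
    offered = set(server_macs)
    return next((m for m in client_macs if m in offered), None)

def is_etm(mac_name):
    """True when the chosen name is the OpenSSH encrypt-then-MAC variant."""
    return mac_name.endswith("-etm@openssh.com")

def ssh_mac(key, seqno, packet_length, rest):
    """HMAC-SHA-256 over seqno || packet_length || rest. In plain mode `rest`
    is the plaintext padding_length||payload||padding; in ETM mode it is that
    same region after encryption and packet_length travels unencrypted."""
    data = struct.pack(">II", seqno, packet_length) + rest
    return hmac.new(key, data, hashlib.sha256).digest()

def receive(key, seqno, packet_length, wire_rest, tag, etm, decrypt):
    """Receiver-side order of operations, returning (accepted, plaintext).
    ETM verifies the tag over the ciphertext and never decrypts a bad packet;
    plain mode has to decrypt first and can only check the tag afterwards."""
    if etm:
        if not hmac.compare_digest(ssh_mac(key, seqno, packet_length, wire_rest), tag):
            return False, None
        return True, decrypt(wire_rest)
    plain = decrypt(wire_rest)
    ok = hmac.compare_digest(ssh_mac(key, seqno, packet_length, plain), tag)
    return ok, plain if ok else None

def toy_encrypt(data):
    """Constructed stand-in for the real cipher (not an SSH cipher): XOR with
    a fixed byte, symmetric, so the MAC-coverage difference is visible."""
    return bytes(b ^ 0x5A for b in data)

if __name__ == "__main__":
    # Provider's allow list from the thread, with the ETM names removed.
    chosen = negotiate_mac(CLIENT_MACS, ["hmac-sha2-256", "hmac-sha256@ssh.com"])
    print(chosen, "(in ETM mode)" if is_etm(chosen) else "(plain mode)")
```

With the ETM names removed on the server the client falls through to the plain "hmac-sha2-256" on its own, which is what the log line without "(in ETM mode)" reports.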