KeithInSac wrote:

I can see that I can the option reorder/prioritize SSH Encryption Ciphers in the Advanced Site Settings | SSH | Encryption Options. But, to ensure client-server handshake using FIPS 140-2 approved ciphers, I'd like to disable ciphers locally. I can't control external data services providers, but I can, hopefully, control what I'm willing to negotiate to. Is this possible?

Move the ciphers, you do not want to use, below the "warn below here" line.
You can then choose to reject the connection, if there's no cipher, you are willing to use, available.

I can see that I can the option reorder/prioritize SSH Encryption Ciphers in the Advanced Site Settings | SSH | Encryption Options. But, to ensure client-server handshake using FIPS 140-2 approved ciphers, I'd like to disable ciphers locally. I can't control external data services providers, but I can, hopefully, control what I'm willing to negotiate to. Is this possible?

I have documented algorithms supported by the latest version of WinSCP at:
https://winscp.net/eng/docs/ssh_algorithms
You should upgrade to the latest version in any case.

Anyway, 5.7.6 supports the same set of algorithms, except for those added in 5.8.1:
https://winscp.net/eng/docs/history?a=5.8.1
(though there was no change in set of supported ciphers, except for change in their preference order in 5.8.3)

Is there a document that lists which ciphers are supported by versions of WinSCP? We are currently running version 5.7.6 and one of our vendors is going to restrict the type of ciphers that can be used to communicate with them.

Thanks.