Post a reply

Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)


Topic review


Re: SFTP Signature Algorithms

  1. Yes.
  2. Thanks for suggestion. I'll look into it.
  3. Use for that would be quite limited, wouldn't it? The algorithm is mostly determined by the private key.

SFTP Signature Algorithms

The WinSCP documentation on SSH Algorithms does not explicitly define the signature algorithms that are supported for use during key-based client authentication.

My questions are...

  1. Is it correct to assume that the algorithms listed under "Hostkey formats" on SSH Algorithms and under "SSH host key algorithms" in /info covers the signature algorithms for both server authentication using a host key pair and client authentication using an authorized user key pair? If this assumption is correct, then would it be possible to use terminology (such as "signature algorithm") that covers both usages, or make this more clear in some other way?

  2. Why does SSH Algorithms use the term "Hostkey formats", whereas /info uses the term "host key algorithms"? I would argue that "algorithm" is the better choice.

  3. Why can WinSCP modify the order of signature algorithm families using -rawsettings HostKey=... but there is no equivalent option for client authentication using an authorized user key pair?