winscp not suporting MACs

Advertisement

d3xt3r01
Donor
Joined:
Posts:
2
Location:
Romania

winscp not suporting MACs

Hello,

I've been trying to apply bettercrypto's cipherstring in my openssh instalation ( https://bettercrypto.org - https://bettercrypto.org/static/applied-crypto-hardening.pdf ). Only to notice I can't connect to transfer files anymore using winscp.
Here's what the logs say:

Apr 1 16:28:17 asandu2 sshd[23292]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]

Which ofcourse don't contain any of the ones I have in my sshd_config...

Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

Is there anything I could do ( besides disabling the MAC's I set ) ?

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
27,476
Location:
Prague, Czechia

Re: winscp not suporting MACs

What version of WinSCP are you using? WinSCP supports hmac-sha2-512 since 5.2.5 beta.

Reply with quote

d3xt3r01
Donor
Joined:
Posts:
2
Location:
Romania

[solved] Re: winscp not suporting MACs

Yup, that was it .. I was using 5.1.7 :| The portable version doesn't yell that any updates are available...
Thanks.

Reply with quote

Advertisement

You can post new topics in this forum