Topic "winscp not suporting MACs"

Author Message
d3xt3r01
[View user's profile]
Donor
Joined: 2014-04-02
Posts: 2
Location: Romania
Hello,

I've been trying to apply bettercrypto's cipherstring in my openssh instalation ( https://bettercrypto.org - https://bettercrypto.org/static/applied-crypto-hardening.pdf ). Only to notice I can't connect to transfer files anymore using winscp.
Here's what the logs say:

Apr 1 16:28:17 asandu2 sshd[23292]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]

Which ofcourse don't contain any of the ones I have in my sshd_config...

Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

Is there anything I could do ( besides disabling the MAC's I set ) ?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24991
Location: Prague, Czechia
What version of WinSCP are you using? WinSCP supports hmac-sha2-512 since 5.2.5 beta.
d3xt3r01
[View user's profile]
Donor
Joined: 2014-04-02
Posts: 2
Location: Romania
Yup, that was it .. I was using 5.1.7 :| The portable version doesn't yell that any updates are available...
Thanks.
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License