Reject negotiation with not secure cipher.

Advertisement

jcromero
Joined:
Posts:
2
Location:
Madrid

Reject negotiation with not secure cipher.

Good morning,

we are using winSCP to connect to a SFTPServer, We need to use a AES-256 Cipher. In our firewall we see the tracelogs and we see the following problem:
- if we (client) start the negotiation we are able to use the cipher we want.
- but if the server is who start the negotiation use other not secure ciphert and we accept it.

Is there a way to reject this? Is there a way to force to use the cipher we want?

Thanks so much!

Reply with quote E-mail

Advertisement

jcromero
Joined:
Posts:
2
Location:
Madrid

Reject negotiation with not secure cipher.

Hi again,

we have set just the cypher we need (AES) over de warning thresold. Maybe the problem is that we need to use AES256 but we are accepting AES128 (both AES), is there a way to reject this one?

We need to use aes256-ctr mac: hmc-sha2-256. Can we configure the WinSCP client to use always this parameters in the cipher negotiation? (regardless of who initiates the negotiation?)

Thank so much.

Regards,

Reply with quote E-mail

Advertisement

You can post new topics in this forum