Re: What about specifying only a set of ciphers or exclude a set of ciphers?
Tried the session template and it worked like a charm.
Thanks a ton Martin
Regards
Thanks a ton Martin
Regards
- zikowski
Post a reply
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
Topic review
- martin
Re: What about specifying only a set of ciphers or exclude a set of ciphers?
@zikowski: WinSCP GUI can generate a code template from the working GUI session for you:
https://winscp.net/eng/docs/ui_generateurl#code
The key is to use
https://winscp.net/eng/docs/rawsettings#cipher
https://winscp.net/eng/docs/ui_generateurl#code
The key is to use
Cipher raw session settings:
https://winscp.net/eng/docs/rawsettings#cipher
- zikowski
What about specifying only a set of ciphers or exclude a set of ciphers?
Hello Martin,
I have a PowerShell script that uses WinSCP for file movements from an SFTP. But now they SFTP only supports a certain ciphers. I can configure it in the GUI but how can we set it in PowerShell?
ChatGPT says
I have a PowerShell script that uses WinSCP for file movements from an SFTP. But now they SFTP only supports a certain ciphers. I can configure it in the GUI but how can we set it in PowerShell?
ChatGPT says
$preferredCiphers would work but it doesn't. Any way to achieve this?
- martin
Re: Make WinSCP Use a Specific Encryption Algorithm
I'd prefer not to modify the PuTTY code too much. So I hope they implement this on their side.
- TheCliGuy
Re: Make WinSCP Use a Specific Encryption Algorithm
Hello Martin,
Thanks for providing the link to Cipher selection UI is messy and irrational on the PuTTY wishlist.
I think the author of that wish expressed the problem very well. It's unfortunate that no action has been taken since it was logged in 2007...
I really like the WinSCP .Net library and would very much like to use it in the project that I'm currently working on but in order to comply with my customer's security policy I have to ensure that a minimum encryption algorithm of AES 256 is used. So unfortunately I will have to find an alternative library that can meet my needs.
Is there any possibility that in the future you might be able to enhance the the PuTTY code that WinSCP depends on so it is possible to select specific algorithms?
Thanks for providing the link to Cipher selection UI is messy and irrational on the PuTTY wishlist.
I think the author of that wish expressed the problem very well. It's unfortunate that no action has been taken since it was logged in 2007...
I really like the WinSCP .Net library and would very much like to use it in the project that I'm currently working on but in order to comply with my customer's security policy I have to ensure that a minimum encryption algorithm of AES 256 is used. So unfortunately I will have to find an alternative library that can meet my needs.
Is there any possibility that in the future you might be able to enhance the the PuTTY code that WinSCP depends on so it is possible to select specific algorithms?
- martin
Re: Make WinSCP Use a Specific Encryption Algorithm
You can configure WinSCP to warn, when any non-AES algorithm is about to be used:
https://winscp.net/eng/docs/ui_login_ssh
You cannot configure WinSCP to avoid using AES wearer then 256 though.
This feature is on PuTTY TODO list:
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/cipher-selection.html
https://winscp.net/eng/docs/ui_login_ssh
You cannot configure WinSCP to avoid using AES wearer then 256 though.
This feature is on PuTTY TODO list:
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/cipher-selection.html
- TheCliGuy
Make WinSCP Use a Specific Encryption Algorithm
I'm working on a project where files are to be uploaded to various third party SFTP servers that are not under my control.
The security team that I'm working with have specified that I must use an encryption algorithm of either aes256-ctr or aes256-gcm when connecting to an SFTP server. If an SFTP server doesn't support aes256-ctr or aes256-gcm then the connection must fail.
WinSCP does not support aes256-gcm but it does support aes256-ctr. Is there a way of specifying that aes256-ctr must be used?
If WinSCP does not currently support this, is it a feature that could be added in the future?
The security team that I'm working with have specified that I must use an encryption algorithm of either aes256-ctr or aes256-gcm when connecting to an SFTP server. If an SFTP server doesn't support aes256-ctr or aes256-gcm then the connection must fail.
WinSCP does not support aes256-gcm but it does support aes256-ctr. Is there a way of specifying that aes256-ctr must be used?
If WinSCP does not currently support this, is it a feature that could be added in the future?