Hello,
I tried to login on a server which only allows selected encryption and the connection is failing. It seems filezilla 3.42.1 doesn't support any of the following:
KexAlgorithms curve25519-sha256@libssh.org
HostKeyAlgorithms ssh-ed25519
Ciphers chacha20-poly1305@openssh.com
MACs hmac-sha2-512-etm@openssh.com
Is there a plan to support those modern algorithms?
Thank you
Support for ed25519 with sftp
Moderator: Project members
Re: Support for ed25519 with sftp
All of these are supported.
The SFTP support in FileZilla is based on PuTTY and as such some configuration is shared with PuTTY. Do you by chance have disabled these algorithms in your PuTTY configuration?
The SFTP support in FileZilla is based on PuTTY and as such some configuration is shared with PuTTY. Do you by chance have disabled these algorithms in your PuTTY configuration?
Re: Support for ed25519 with sftp
Hello,
PuTTY is not even installed on that machine. Note that PuTTY needs at least version 0.68 to support elliptic curves.
log on the server is:
PuTTY is not even installed on that machine. Note that PuTTY needs at least version 0.68 to support elliptic curves.
log on the server is:
no matching MAC found. Their offer: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-etm@openssh.com [preauth]
Re: Support for ed25519 with sftp
OK, my bad, the logs where filled with bruteforcers too, so only hmac-sha2-512-etm@openssh.com is not supported
Re: Support for ed25519 with sftp
Oh I see, it's the specific size of the hmac-sha2-etc, try enabling the 256 one server-side. Given that the Kex is only using sha256, having the Mac even larger does not improve security.