Announcement

Collapse
No announcement yet.

Supported Cipher Suites

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Zoë
    replied
    BC should support all of the following algorithms for key exchange:

    diffie-hellman-group14-sha1
    diffie-hellman-group-exchange-sha256
    rsa1024-sha1
    rsa2048-sha256
    ecdh-sha2-nistp256
    ecdh-sha2-nistp384
    ecdh-sha2-nistp521
    ecdh-sha2-nistk163
    ecdh-sha2-nistp192
    ecdh-sha2-nistp224
    ecdh-sha2-nistk233
    ecdh-sha2-nistb233
    ecdh-sha2-nistk283
    ecdh-sha2-nistk409
    ecdh-sha2-nistb409
    ecdh-sha2-nistt571
    ecdh-sha2-curve25519
    However, in order to work around buggy servers, it will disable everything except the diff-hellman algorithms if the server software is reported as any of the following:

    OpenSSH_3.6
    OpenSSH_3.5
    OpenSSH_3.4
    OpenSSH_3.3
    OpenSSH_3.2
    OpenSSH_3.1
    SSHSecureShellWindowsNTServer
    mod_sftp/0.9
    InternetServerSSHD
    3.2.0SSHOpenVMSV5.5VMS_sftp_version3

    Leave a comment:


  • markm9999
    replied
    Did some quick testing and found I had to enable diffie-hellman-group1-sha1 OR diffie-hellman-group1-sha14 for the Key Exchange.

    SSH server was looking for ecdh-sha2/secp256k1 which isn't support by BC 4.07. Maybe in the future?

    But please still post supported ciphers!

    Leave a comment:


  • markm9999
    replied
    I've run into a similar issue as well connecting to a SSH server, however I think it would also be nice to know all supported ciphers. Reviewing the previous replies, it was never stated what ciphers are supported.

    Can someone please post the answer here.

    Leave a comment:


  • Frescard
    replied
    Well, after complaining to our IT department, they changed the order of the encryption protocols, and now it works again...

    But I wasn't aware that BC3 supports Pageant. That will definitely be good to know if I ever run into these issues again!

    And thanks for the quick reply. You guys are the best!

    Leave a comment:


  • Aaron
    replied
    Hello,

    Would you be using SSL certificates or a private/public key pair?

    BC3 also supports using Pageant (Putty) to verification. If you remove the settings in BC3 and clear them out, then set up pageant (and test against putty), does pageant then get BC3 working for you as well?

    Leave a comment:


  • Frescard
    started a topic Supported Cipher Suites

    Supported Cipher Suites

    Which cipher suites does BC3 support when using SFTP over SSH?
    Our company recently changed theirs to aes256-ctr,aes192-ctr,aes128-ctr,arcfour256 (MACs: hmac-sha2-256,hmac-sha2-512,hmac-ripemd160), and ever since that I cannot use BC3 on our servers anymore (getting errors about "SSL is not available on this server").
Working...
X