Thread: 3rd party changed key change algorithm, we don't seem to have them available
View Single Post
  #1  
Old 03-03-2019, 06:52 PM
dverbern dverbern is offline
Registered User
  
Join Date: Mar 2019
Posts: 31
Unhappy 3rd party changed key change algorithm, we don't seem to have them available
First time here.
We are licensed for and using VShell Enterprise Server with FTPS.

A vendor recently advised it was changing security, dropping support for some algorithms and adding some new ones.

We are now seeing the file transfer fail with error:

"Key exchange failed. No compatible key exchange method. The server supports these methods: diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256"

In our version 4.0.4 (x64 build 636) of VShell, under Key Exchange, we have some algorithms checked:

"diffie-hellman-group14", "diffie-hellman" and "diffie-hellman-group"

Note the vendor ones are stated in error above are not listed. Under "Cipher/MAC", within "MAC", there are a couple of MACs not yet checked such as "SHA2-512" or "SHA2-256". I don't know enough about security to know how these concepts work together.

If anyone is able to advise how we might be able to make "diffie-hellman-group16-sha512" and/or "diffie-hellman-group14-sha256" OR "diffie-hellman-group-exchange-sha256" available within our VShell, that would be welcome.
Reply With Quote