1. Home

Product groups

Support

Use of strong ciphers / MAC algorithms - WeOnlyDo Discussion board

Use of strong ciphers / MAC algorithms (wodSSH / wodSSH.NET)

by sshcipher, Tuesday, August 04, 2020, 14:44 (1582 days ago)

Hi,

I received a question from someone in my company. We're running SSH-2.0-WeOnlyDo-wodFTPD 3.3.0.424,
and we are apparently using "weak" ciphers and MAC algorithms (MD5/SHA1 - CBC modes etc). I was wondering if you could provide guidance as to how we can enforce the use of strong ciphers.
Is this a config thing where we edit the conf file, or do we need to update our current version? Would be grateful for all help.

locked
  6575 views

Use of strong ciphers / MAC algorithms

by Jasmine, Tuesday, August 04, 2020, 16:14 (1582 days ago) @ sshcipher

Hi.

Yes, you can use EncryptionList, HMACList, KeyExchangeList properties and remove or rearrange ciphers on that list to suit your needs. You can not add new ones on the list, of course, since they are not implemented by wodFTPServer.

I hope this helps!
Jasmine.

locked
  6630 views

Use of strong ciphers / MAC algorithms

by sshcipher, Wednesday, August 05, 2020, 09:14 (1581 days ago) @ Jasmine

Hi,

Thank you for your reply! It is very appreciated.

I have a follow-up question. When looking at the server in shodan.io it lists hmac-sha1 and hmac-md5 as the available mac algorithms.

When looking at the wosSSH Help - HMac list I see that more secure algorithms are supported. Does this mean that the server is running an outdated version and should be updated if we want to use for example hmac-sha2-256-etm@openssh.com ? Since we cannot add new ones.

locked
  6564 views

Use of strong ciphers / MAC algorithms

by Jasmine, Wednesday, August 05, 2020, 10:27 (1581 days ago) @ sshcipher

Hi.

Yes, it's possible you're using very old version so you should update to the latest for stronger ciphers.

Regards,
Jasmine.

locked
  6586 views

Use of strong ciphers / MAC algorithms

by sshcipher, Wednesday, August 05, 2020, 11:07 (1581 days ago) @ Jasmine

Thank you!

locked
  6558 views

...with a minimum of effort as the DLL interface was written with such simplicity...

Zack Menendez
Mapframe Corporation

Your .NET components allow us to blend .NET technology seamlessly with secure communication, and with excellent technical support.

Bil Bragg
Dionach

Thank you very much for the rapid responses. I was a little nervous about dealing with a company that is on a different continent from me. You have proven my concerns to be unfounded.

Robert Pacheco
Surebridge, Inc.

Many thanks for your excellent support service. I can see why you have a long list of excellent testimonials on your website.

Martyn Walker
Batmore Technolgies

...wodFtpDlx was exactly what I needed, it worked, and it was priced right...

David Keenan
Serengeti Systems Incorporated

...your service has been phenomenal. It's always quick and you are there when I need you.

James Newman
Castleberry Investments

The people at WeOnlyDo are amazing! ... I always get a super fast response from customer service, and the products are great too. Thanks WeOnlyDo

Jeff Hall
Occupational Health Research

Just thought you'd like to know that my gateway app with your SMTP Server component held the line against a DDOS attack today...

Chris Langsenkamp
Clever Technologies

I can only hope I will have the pleasure to work with other products by "We Only Do" in the future.

Tomer Spivak
Verint Systems Ltd

I really like these products - they are consistently first rate!

David Witten
WWR Development, Inc.