1. Home

Product groups

Support

Use of strong ciphers / MAC algorithms - WeOnlyDo Discussion board

Use of strong ciphers / MAC algorithms (wodSSH / wodSSH.NET)

by sshcipher, Tuesday, August 04, 2020, 14:44 (1583 days ago)

Hi,

I received a question from someone in my company. We're running SSH-2.0-WeOnlyDo-wodFTPD 3.3.0.424,
and we are apparently using "weak" ciphers and MAC algorithms (MD5/SHA1 - CBC modes etc). I was wondering if you could provide guidance as to how we can enforce the use of strong ciphers.
Is this a config thing where we edit the conf file, or do we need to update our current version? Would be grateful for all help.

locked
  6577 views

Use of strong ciphers / MAC algorithms

by Jasmine, Tuesday, August 04, 2020, 16:14 (1583 days ago) @ sshcipher

Hi.

Yes, you can use EncryptionList, HMACList, KeyExchangeList properties and remove or rearrange ciphers on that list to suit your needs. You can not add new ones on the list, of course, since they are not implemented by wodFTPServer.

I hope this helps!
Jasmine.

locked
  6632 views

Use of strong ciphers / MAC algorithms

by sshcipher, Wednesday, August 05, 2020, 09:14 (1582 days ago) @ Jasmine

Hi,

Thank you for your reply! It is very appreciated.

I have a follow-up question. When looking at the server in shodan.io it lists hmac-sha1 and hmac-md5 as the available mac algorithms.

When looking at the wosSSH Help - HMac list I see that more secure algorithms are supported. Does this mean that the server is running an outdated version and should be updated if we want to use for example hmac-sha2-256-etm@openssh.com ? Since we cannot add new ones.

locked
  6565 views

Use of strong ciphers / MAC algorithms

by Jasmine, Wednesday, August 05, 2020, 10:27 (1582 days ago) @ sshcipher

Hi.

Yes, it's possible you're using very old version so you should update to the latest for stronger ciphers.

Regards,
Jasmine.

locked
  6588 views

Use of strong ciphers / MAC algorithms

by sshcipher, Wednesday, August 05, 2020, 11:07 (1582 days ago) @ Jasmine

Thank you!

locked
  6559 views

You did a great job on wodSSH and wodSSHServer! I got a lot for very little money. Thanks!

Dirk Bulinckx
bvba Woodstone

Congratulations on an excellent product and first rate support!

Sander Pool
Rhapsody Networks

...wodFtpDlx was exactly what I needed, it worked, and it was priced right...

David Keenan
Serengeti Systems Incorporated

I would highly recommend this to anyone who needs a good quality SFTP solution.

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk

We have recently completed a large 1200+ location project where reliable Telnet and SSH connectivity was required. wodSSH worked flawlessly and allowed our staff to complete our project ontime and within budget.

James Sievers
Harbor Technologies

I really like these products - they are consistently first rate!

David Witten
WWR Development, Inc.

Thank you very much for the rapid responses. I was a little nervous about dealing with a company that is on a different continent from me. You have proven my concerns to be unfounded.

Robert Pacheco
Surebridge, Inc.

Your .NET components allow us to blend .NET technology seamlessly with secure communication, and with excellent technical support.

Bil Bragg
Dionach

It was no small factor, however, that your support in getting me up and running made me buy from you.

Charles Taylor
InterWeave, Inc.