SFTP plugin - unsupported ETM HMACs
Posted: 2020-06-29, 16:03 UTC
Hello,
I'm trying to connect to a server that only offers etm (encrypt then mac) HMACs, but the plugin fails to reach a settlement:
Their use being recommanded in the sshd_config manpage itself, would you consider supporting them ?
I'd be happy to beta-test this for you.
Best regards,
I'm trying to connect to a server that only offers etm (encrypt then mac) HMACs, but the plugin fails to reach a settlement:
Code: Select all
Connect call failed
Transport exception: Unable to reach a settlement: [hmac-sha1, <more hmacs> ] and [hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com]
Here's the list of ETM HMAC from the same man page:The algorithms that contain "-etm" calculate the MAC after encryption (encrypt-then-mac). These are considered safer and their use recommended.
Code: Select all
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com
Best regards,