Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
46 views
in CompleteFTP by (2.4k points)

How do I disable vulnerable ciphers in SSH/SFTP? My security audit says Diffie-Hellman-Group1-sha1  and Blowfish-cbc should be disabled. 

1 Answer

0 votes
by (2.4k points)

In the CompleteFTP Manager, under 

SFTP Settings>Advanced SFTP Settings>Algorithms>Available Key Exchange Methods 

click in the box and deselect 'Diffie-Hellman-Group1-sha1' (key exchange). 

Under 

SFTP Settings>Advanced SFTP Settings>Algorithms>Available Ciphers

click in the box and deselect 'Blowfish-cbc' (cipher). 

Both of these settings sometimes show up when a vulnerability scan is run, and are shown by some scans as 'deprecated'.

Categories

...