SFTP Proxy Encryption and Key Exchange Algorithms

ssh (also sftp), or secure shell, provides a mechanism to establish a cryptographically secured connection between two parties, authenticating one side to the other, and passing commands and output back and forth to secure the transmission of information, ssh employs a number of different types of data manipulation techniques, at various points during the transaction system admins can configure the sftp proxy to enable or disable the key exchange and authentication algorithms used between the user and the sftp proxy to configure the sftp proxy to enable key exchange and authentication algorithms connect to the kron pam server cli interface as a kron pam admin user set the required parameters in /u01/sftp proxy/conf/nsso properties multiple values can be used by separating the values with a comma “,” parameter available values nsso server encryption algorithms chacha20 poly1305\@openssh com,aes128 ctr,aes192 ctr,aes256 ctr,aes128 gcm\@openssh com,aes256 gcm\@openssh com,aes128 cbc,aes192 cbc,aes256 cbc,arcfour256,arcfour128,3des cbc,blowfish cbc nsso server host key algorithms ecdsa sha2 nistp256 cert v01\@openssh com,ecdsa sha2 nistp384 cert v01\@openssh com,ecdsa sha2 nistp521 cert v01\@openssh com,ssh ed25519 cert v01\@openssh com,rsa sha2 512 cert v01\@openssh com,rsa sha2 256 cert v01\@openssh com,ecdsa sha2 nistp256,ecdsa sha2 nistp384,ecdsa sha2 nistp521,ssh ed25519,sk ecdsa sha2 nistp256\@openssh com,sk ssh ed25519\@openssh com,rsa sha2 512,rsa sha2 256,ssh rsa,ssh dss nsso server kex algorithms ecdh sha2 nistp521,ecdh sha2 nistp384,ecdh sha2 nistp256,diffie hellman group exchange sha256,diffie hellman group18 sha512,diffie hellman group17 sha512,diffie hellman group16 sha512,diffie hellman group15 sha512,diffie hellman group14 sha256,diffie hellman group exchange sha1,diffie hellman group14 sha1,diffie hellman group1 sha1 nsso server mac algorithms hmac sha2 256 etm\@openssh com,hmac sha2 512 etm\@openssh com,hmac sha1 etm\@openssh com,hmac sha2 256,hmac sha2 512,hmac sha1,hmac md5,hmac sha1 96,hmac md5 9 nsso client encryption algorithms chacha20 poly1305\@openssh com,aes128 ctr,aes192 ctr,aes256 ctr,aes128 gcm\@openssh com,aes256 gcm\@openssh com,aes128 cbc,aes192 cbc,aes256 cbc,arcfour256,arcfour128,3des cbc,blowfish cbc nsso client host key algorithms ecdsa sha2 nistp256 cert v01\@openssh com,ecdsa sha2 nistp384 cert v01\@openssh com,ecdsa sha2 nistp521 cert v01\@openssh com,ssh ed25519 cert v01\@openssh com,rsa sha2 512 cert v01\@openssh com,rsa sha2 256 cert v01\@openssh com,ecdsa sha2 nistp256,ecdsa sha2 nistp384,ecdsa sha2 nistp521,ssh ed25519,sk ecdsa sha2 nistp256\@openssh com,sk ssh ed25519\@openssh com,rsa sha2 512,rsa sha2 256,ssh rsa,ssh dss nsso client kex algorithms ecdh sha2 nistp521,ecdh sha2 nistp384,ecdh sha2 nistp256,diffie hellman group exchange sha256,diffie hellman group18 sha512,diffie hellman group17 sha512,diffie hellman group16 sha512,diffie hellman group15 sha512,diffie hellman group14 sha256,diffie hellman group exchange sha1,diffie hellman group14 sha1,diffie hellman group1 sha1 nsso client mac algorithms hmac sha2 256 etm\@openssh com,hmac sha2 512 etm\@openssh com,hmac sha1 etm\@openssh com,hmac sha2 256,hmac sha2 512,hmac sha1,hmac md5,hmac sha1 96,hmac md5 96 restart the sftp proxy service on the cli terminal with the command systemctl restart pam sftp