My Oracle Support Banner

Disable SSH Cipher On MFT Embedded SFTP (Doc ID 2663294.1)

Last updated on MAY 01, 2020

Applies to:

Oracle Managed File Transfer - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Goal

On : 12.2.1.3.0 version, MFT Runtime Server

1AT - Disable SSH cipher on MFT embedded SFTP

After a penetration test we have been asked to limit the ciphers and macs allowed for SFTP connection to our MFT instance.

We can easily to this at system level putting there 2 lines in sshd_config

ciphers aes128-ctr,aes192-ctr,aes256-ctr
macs hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com

but this does not seems to affect MFT embedded SFTP. How can we change this for the embedded SFTP server?
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.