THE INFORMATION IN THIS ARTICLE APPLIES TO:
SYMPTOM
Outbound SFTP connections to Tumbleweed SecureTransport (TST) server fail and SSH HMAC check fails
RESOLUTION
This is a known issue in SecureTransport v4.9.1 SP1, with the MACs hmac-MD5-96 and hmac-sha1-96. The resolution is to disable hmac-MD5-96 and hmac-sha1-96 in the registry for EFT Server outbound SFTP connections.
To disable the MACs in the registry
Edit the following registry settings:
HKLM\SOFTWARE\GlobalSCAPE\TED 6\Settings\SecuritySFTP2\
Set the following DWORD values to ‘0’ (Zero):
SFTP2_MD5-96
SFTP2_SHA1-96
MORE INFORMATION
Other Tumbleweed SecureTransport-related articles:
SecureTransport and EFT Server SSL: https://kb.globalscape.com/KnowledgebaseArticle10181.aspx