Search

GlobalSCAPE Knowledge Base

Outbound SFTP connections to Tumbleweed SecureTransport (TST) server fail and SSH HMAC check fails

Karla Marsh
EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server, all versions
  • EFT v4.x to v7.4.x stores advanced properties in the registry.
  • EFT v8.x stores Advanced Properties in a JSON file.
    • When you upgrade from EFT v7.4.x to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings are part of the EFT configuration files.)
      Please refer to the EFT help for a spreadsheet of advanced properties for your version of EFT.

SYMPTOM

Outbound SFTP connections to Tumbleweed SecureTransport (TST) server fail and SSH HMAC check fails

RESOLUTION

This is a known issue in SecureTransport v4.9.1 SP1, with the MACs hmac-MD5-96 and hmac-sha1-96. The resolution is to disable hmac-MD5-96 and hmac-sha1-96 in the registry for EFT Server outbound SFTP connections.

To disable the MACs in the registry

Edit the following registry settings:

HKLM\SOFTWARE\GlobalSCAPE\TED 6\Settings\SecuritySFTP2\

Set the following DWORD values to ‘0’ (Zero):

SFTP2_MD5_96

SFTP2_SHA1_96

MORE INFORMATION

Other Tumbleweed SecureTransport-related articles:

SecureTransport and EFT Server SSL: https://kb.globalscape.com/KnowledgebaseArticle10181.aspx

Details
Last Modified: 3 Years Ago
Last Modified By: kmarsh
Type: ERRMSG
Rated 1 star based on 8 votes.
Article has been viewed 43K times.
Options
Also In This Category
Tags