minio

Commit Graph

Author	SHA1	Message	Date
Olli Janatuinen	b413ff9fdb	Support user certificate based authentication on SFTP (#19650 )	2024-05-06 23:41:25 -07:00
Klaus Post	f64dea2aac	Allow custom SFTP algorithm selection (#19636 ) Algorithms are comma separated. Note that valid values does not in all cases represent default values. `--sftp=pub-key-algos=...` specifies the supported client public key authentication algorithms. Note that this doesn't include certificate types since those use the underlying algorithm. This list is sent to the client if it supports the server-sig-algs extension. Order is irrelevant. Valid values ``` ssh-ed25519 sk-ssh-ed25519@openssh.com sk-ecdsa-sha2-nistp256@openssh.com ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 rsa-sha2-256 rsa-sha2-512 ssh-rsa ssh-dss ``` `--sftp=kex-algos=...` specifies the supported key-exchange algorithms in preference order. Valid values: ``` curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 ``` `--sftp=cipher-algos=...` specifies the allowed cipher algorithms. If unspecified then a sensible default is used. Valid values: ``` aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com chacha20-poly1305@openssh.com arcfour256 arcfour128 arcfour aes128-cbc 3des-cbc ``` `--sftp=mac-algos=...` specifies a default set of MAC algorithms in preference order. This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed because they have reached the end of their useful life. Valid values: ``` hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 hmac-sha1-96 ```	2024-04-30 08:15:45 -07:00
Harshavardhana	dd9ed85e22	implement support for FTP/SFTP server (#16952 )	2023-04-15 07:34:02 -07:00

Author

SHA1

Message

Date

Olli Janatuinen

b413ff9fdb

Support user certificate based authentication on SFTP (#19650 )

2024-05-06 23:41:25 -07:00

Klaus Post

f64dea2aac

Allow custom SFTP algorithm selection (#19636 )

Algorithms are comma separated.
Note that valid values does not in all cases represent default values.

`--sftp=pub-key-algos=...` specifies the supported client public key
authentication algorithms. Note that this doesn't include certificate types
since those use the underlying algorithm. This list is sent to the client if
it supports the server-sig-algs extension. Order is irrelevant.

Valid values
```
ssh-ed25519
sk-ssh-ed25519@openssh.com
sk-ecdsa-sha2-nistp256@openssh.com
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
rsa-sha2-256
rsa-sha2-512
ssh-rsa
ssh-dss
```

`--sftp=kex-algos=...` specifies the supported key-exchange algorithms in preference order.

Valid values:

```
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
```

`--sftp=cipher-algos=...` specifies the allowed cipher algorithms.
If unspecified then a sensible default is used.

Valid values:
```
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com
arcfour256
arcfour128
arcfour
aes128-cbc
3des-cbc
```

`--sftp=mac-algos=...` specifies a default set of MAC algorithms in preference order.
This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed because they have
reached the end of their useful life.

Valid values:

```
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha2-256
hmac-sha2-512
hmac-sha1
hmac-sha1-96
```

2024-04-30 08:15:45 -07:00

Harshavardhana

dd9ed85e22

implement support for FTP/SFTP server (#16952 )

2023-04-15 07:34:02 -07:00

3 Commits