Marc,
Thanks! I didn't know that.
I turned on logging and found this in the log:
. 2023-09-05 14:17:51.126 Using TLSv1.2, cipher TLSv1.2: ECDHE-RSA-AES256-SHA384, 2048 bit RSA, ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
It appears I have the cipher enabled. Although, the IBM cipher has -GCM- in the name (so I'm not sure if they are the same)
I opened a case with IBM and sent them a trace.
Thanks,
Greg
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Marc Rauzier
Sent: Tuesday, September 5, 2023 1:30 PM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Re: FTP Secure Connection Error
With WINSCP, if you enable logging to debug 2, you can check which
protocol and cipher are used. Example for me when I connect to pub400.com
. 2023-09-05 19:24:08.749 Connecting to pub400.com ...
. 2023-09-05 19:24:08.749 Connected
. 2023-09-05 19:24:08.749 TLS layer changed state from unconnected to
connecting
. 2023-09-05 19:24:08.749 TLS layer changed state from connecting to
connected
. 2023-09-05 19:24:08.749 Connected with pub400.com, negotiating TLS
connection...
. 2023-09-05 19:24:08.771 Read 25 bytes
< 2023-09-05 19:24:08.771 220-QTCP at PUB400.COM.
. 2023-09-05 19:24:08.846 Read 59 bytes
< 2023-09-05 19:24:08.846 220 Connection will close if idle more than
1666 minutes.
2023-09-05 19:24:08.846 AUTH TLS
. 2023-09-05 19:24:08.872 Read 53 bytes
< 2023-09-05 19:24:08.872 234 Security mechanism accepted; start
negotiation.
. 2023-09-05 19:24:08.876 No data to read
. 2023-09-05 19:24:08.903 TLS connect: SSLv3/TLS write client hello
. 2023-09-05 19:24:08.927 TLS connect: SSLv3/TLS read server hello
. 2023-09-05 19:24:08.927 TLS connect: TLSv1.3 read encrypted extensions
. 2023-09-05 19:24:08.933 TLS connect: SSLv3/TLS read server certificate
. 2023-09-05 19:24:08.935 TLS connect: TLSv1.3 read server certificate
verify
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS read finished
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS write change cipher spec
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS write finished
. 2023-09-05 19:24:08.936 Verifying certificate for "" with fingerprint
b8:82:e2:15:a3:49:09:f6:64:c2:cf:e7:d4:da:c0:62:b5:0f:fa:2e:52:6e:47:67:72:a7:cc:93:a3:da:6b:cf
and 19 failures
. 2023-09-05 19:24:08.936 Certificate common name "pub400.com" matches
hostname
. 2023-09-05 19:24:09.345 Certificate verified against Windows
certificate store
. 2023-09-05 19:24:09.345 Using TLSv1.3, cipher TLSv1.3:
TLS_AES_128_GCM_SHA256, 2048 bit RSA, TLS_AES_128_GCM_SHA256 TLSv1.3
Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
. 2023-09-05 19:24:09.345 Session upkeep
. 2023-09-05 19:24:09.414 TLS connection established. Waiting for
welcome message...
2023-09-05 19:24:09.414 USER DIMARCO
. 2023-09-05 19:24:09.414 TLS connect: SSL negotiation finished successfully
. 2023-09-05 19:24:09.414 TLS connect: SSL negotiation finished successfully
As an Amazon Associate we earn from qualifying purchases.