SSH2 Not Allowing AES256-CTR

General discussion forum for the Zend Server
Post Reply
ks670it
Posts: 2
Joined: Mon Sep 10, 2018 6:27 pm

SSH2 Not Allowing AES256-CTR

Post by ks670it » Thu Sep 27, 2018 6:50 pm

We just upgraded our Zend Servers from 5.6.16 to 7.2.6. On the old version, SSH2 functions were connecting to client SFTP servers using AES128-CTR. Now with the new version AES256-CBC is the highest we can get negotiated. I can't find anything anywhere on this but it seems like a problem.

Does anyone have any ideas?

Thank You.

User avatar
zend_eyalt
Posts: 282
Joined: Thu Jan 22, 2009 3:16 pm

Re: SSH2 Not Allowing AES256-CTR

Post by zend_eyalt » Sun Oct 14, 2018 2:26 pm

I do not think that the php version has anything to do with it, as using AES128-CTR even on php 5.6.7 failed for me.
Note that http://php.net/manual/en/function.ssh2-connect.php doesnot list AES128-CTR as supported, it does mention though aes128-cbc and thus the former fails and the latter works:

Code: Select all

$crypt = 'AES128-CTR'; // fails
//$crypt = 'aes128-cbc'; // works
$methods = array(
		'client_to_server' => array(
				'crypt' => $crypt,
			'comp' => 'none'),
		'server_to_client' => array(
				'crypt' => $crypt,
				'comp' => 'none'));

$connection = ssh2_connect(SSH_HOST, 22, $methods);

Post Reply