SFTP Archives - File transfer tool from Limagito

03 Mar
Complete rewrite of our Limagito SFTP server in v2025
V2025.3.2.0 contains a complete rewrite of our Limagito SFTP Server
We completed the rewrite of our previous server code. We have never been 100% ok with the previous third party code provider. In this build we switched to SecureBridge from Devart as new third party code provider .. what a difference!
Common features
Full support for the SSH2 protocol
SFTP V3 up to v6
Authentication by password or public key
Support for most SSH2-compatible clients including OpenSSH
Robust protection against different kinds of cryptographic attacks
Fast and customizable
External modules are not required
Algorithms support
Support for AES128, AES192, AES256, Blowfish, Cast128, and TripleDES symmetric algorithms
Support for SHA-2, SHA-1, and MD5 hashing algorithms
Support for Elliptic-Curver, RSA and DSA asymmetric HostKey algorithms
Reliable and convenient storage, transfer, and verification of asymmetric keys

The following Ciphers, HMAC and Key Exchange Algorithms are available in the new version:
Server Setup:
User Accounts Setup:
User Account Permissions Setup:
HostKey Setup:
Logging Setup:
If you need any help regarding this new Limagito SFTP server, please let us know.
Best Regards,
Limagito Team
#SFTP #managedfiletransfer #filetransfer #filemanagement
By Limagito-Team SFTP sftp server
12 Oct
SFTP Fingerprint option added to Limagito file mover
Q: I have a question related to SFTP fingerprints. When I create a new rule and add new Source -> SFTP, where can I configure the fingerprints of the Source host’s fingerprint? I would like to be sure that the server is valid.
A: We allow the fingerprint of the sftp server you added as source automatically. At this moment there is no option to add fingerprints of the host manually.
Q: Thanks for the very quick answer. Hopefully it will be possible on the next version. There is a possibility for MiTM attack.
A: In version v2024.10.12.0 we added the Fingerprint option for SFTP as Source and Destination.
The goal of the fingerprint is to verify the authenticity and integrity of the SFTP server you’re connecting to. This is a short, unique representation (a hash) of the server’s public key. The purpose of this fingerprint is to help you confirm that you’re connecting to the correct server and not a malicious or imposter server. This is optional and by default we allow any fingerprint.
E.g.
The default Hash Algorithm is MD5
68:ff:d1:4e:6c:ff:d7:b0:d6:58:73:85:07:bc:2e:d5
Please add one if the following prefixes to adjust the default Hash Algorithm:
SHA256:
SHA384:
SHA512:
SHA1:
SHA3-224:
SHA3-256:
SHA3-384:
SHA3-512:
In case you receive an error message regarding the Fingerprint Compare, please increase the RunTime Log Level to ‘Debug’:
RunTime Log example:
If the the fingerprint in your SFTP setup is not correct, the following error message will appear
Increasing the log level of the RunTime log will show you the Fingerprint the SFTP server is sending
You can compare this to the one in your setup, in the example below we used the SHA256 hash algorithm
If you need any help with this request, please let us know.
Best Regards,
Limagito Team
#sftp #managedfiletransfer #filetransfer #filemanagement
By Limagito-Team SFTP fingerprint, SFTP
14 Jul
SFTP Allowed Algorithms in Limagito File Mover
SFTP Set Allowed Algorithms in Limagito File Mover
14th of July 2024
By default, Limagito File Mover orders algorithms according to best practices, and pays attention to vulnerabilities such as the “Terrapin Attack”.
The following algorithms are supported by Limagito File Mover when our second API Vendor – CK is selected:
Hostkey:
ssh-ed25519
rsa-sha2-256
rsa-sha2-512
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa
ssh-dss
Key Exchange:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha256
diffie-hellman-group-exchange-sha1
Ciphers:
aes128-ctr
aes256-ctr
aes192-ctr
aes128-cbc
aes256-cbc
aes192-cbc
aes128-gcm@openssh.com
aes256-gcm@openssh.com
twofish256-cbc
twofish128-cbc
blowfish-cbc
(also chacha20-poly1305@openssh.com if explicitly allowed by the application)
MAC Algorithms:
hmac-sha2-256
hmac-sha2-512
hmac-sha1
hmac-ripemd160
hmac-sha1-96
hmac-md5
(also the following etm algorithms if explicitly allowed)
hmac-sha1-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com

Best Regards,
Limagito Team
#SFTP #managedfiletransfer #filetransfer #filemanagement
By Limagito-Team SFTP Algorithms