The SFTP protocol makes secure connections between the client and the SFTP server using SSH (secure shell) which is a network communication protocol. When the SSH connection is being established, the client and the server both advertise which of multiple cipher algorithm options they are willing to use to encrypt the traffic between them. There must be at least one cipher in common between the client and the server in order to establish the secure connection. Please see our table below to view which cipher’s that Hosted~FTP~ supports on our multi-tenant service. Please note that the multi-tenant service is not PCI compliant like our single-tenant service.
Also, when an FTPeS or HTTPS connection is made, the table below shows the protocols enabled to establish a secure connection. By default, TLS 1.0 and TLS1.1 are disabled for browser connections but enabled for FTPeS connections with FTP clients i.e. FileZilla.
SFTP security profile #
| SFTP Cipher | Multi-Tenant as of Feb 22, 2025 |
| aes128-gcm@openssh.com | Enabled |
| aes256-gcm@openssh.com | Enabled |
| aes128-cbc | Enabled |
| aes192-cbc | Enabled |
| aes256-cbc | Enabled |
| chacha20-poly1305@openssh.com | Enabled |
| SFTP Key Exchange | Multi-Tenant as of Feb 22, 2025 |
| sntrup761x25519-sha512 | Enabled |
| sntrup761x25519-sha512@openssh.com | Enabled |
| curve25519-sha256 | Enabled |
| curve25519-sha256@libssh.org | Enabled |
| curve448-sha512 | Enabled |
| ecdh-sha2-nistp521 | Enabled |
| ecdh-sha2-nistp384 | Enabled |
| ecdh-sha2-nistp256 | Enabled |
| diffie-hellman-group-exchange-sha256 | Enabled |
| diffie-hellman-group18-sha512 | Enabled |
| diffie-hellman-group17-sha512 | Enabled |
| diffie-hellman-group16-sha512 | Enabled |
| diffie-hellman-group15-sha512 | Enabled |
| diffie-hellman-group14-sha1 | Enabled |
| diffie-hellman-group1-sha1 | Enabled |
| SFTP MAC Algorithm | Multi-Tenant as of Feb 22, 2025 |
| hmac-sha2-256-etm@openssh.com | Enabled |
| hmac-sha2-512-etm@openssh.com | Enabled |
| hmac-sha2-256 | Enabled |
| hmac-sha2-512 | Enabled |
| hmac-sha1 | Enabled |
| SFTP Host Key | Multi-Tenant as of Oct 30, 2021 |
| RSA 2048 bit | Enabled |
| DSA 1024 bit | Enabled |
HTTPS security profile #
| FTPeS | Multi-Tenant as of Oct 30, 2021 |
| TLSv1.2 | Enabled |
| TLSv1.1 | Enabled |
| TLSv1.0 | Enabled |
| HTTPS | Multi-Tenant as of Oct 30, 2021 |
| TLSv1.2 | Enabled |
