From: Chris Y. <mr...@gm...> - 2024-08-12 21:00:54
|
I don't use root when I run nmap nmap -Pn --script ssh2-enum-algos -p 22 my.sftp.server Root is only necessary if you're doing silly things with raw sockets. Checking an sftp server for supported algos is basic tcp stuff. No root required. On Mon, Aug 12, 2024 at 12:28 PM Geoffrey Myers <li...@se...> wrote: > thanks Chris, > > If I recall correctly, map requires root access? I don’t have root > access. Is there any way to determine the altos/ciphers supported by > proftpd that does not require root access? > > > On Aug 2, 2024, at 10:38 PM, Chris Young <mr...@gm...> wrote: > > to "visualize" the enabled ciphers for your server, install nmap, and from > a command line, you can run > > ## check for ssh/sftp algos > nmap -Pn --script ssh2-enum-algos -p 22 SFTP.HOST.WHATEVER > > ## check for ssl/tls ciphers > nmap --script ssl-enum-ciphers -p 443 WWW.HOST.WHATEVER > > if your machine is running openssl v3+, you'll get an accurate map of the > enable key exchange and encryption algorithms. > > .. pretty sure ssh will show accurate, even for openssl v1, but modern tls > ciphers will only show if you have openssl v3+ > > > On Fri, Aug 2, 2024 at 1:36 PM TJ Saunders <tj...@ca...> wrote: > >> > TJ, thanks. Quick question. I’m a bit confused. As I referenced ssh >> > you mentioned openssl. Does ssh use OpenSSL? I would expect openssh. >> >> The mod_sftp module for ProFTPD implements the SSH and SFTP protocols >> using the OpenSSL library for the necessary cryptographic support. It does >> not use the OpenSSH implementations in any way. In fact, mod_sftp >> implements some parts of the SFTP protocol that OpenSSH does not implement. >> >> Cheers, >> TJ >> >> >> _______________________________________________ >> ProFTPD Users List <pro...@pr...> >> Unsubscribe problems? >> http://www.proftpd.org/list-unsub.html > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > > > -- > Until later, Geof > > > > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html |