Topic: Planned PDA Release 4.7 updates to SFTP Server Ciphers and MAC Algorithms
Date/Time Issued: May 31, 2024 1406Z
Product(s) or Data Impacted: All SFTP connections and related products to/from the PDA NSOF OPS site.
Date/Time of Initial Impact: June 11, 2024 1200Z
Date/Time of Expected End: June 12, 2024 2100Z
Length of Event: 33 hours
Details/Specifics of Change: The PDA team will install PDA Release 4.7 which will impact available Ciphers and Algorithms which are used during SFTP Server handshake. The spirit of this change is to remove vulnerable ciphers. If you connect to PDA SFTP Servers as a client this change may affect you.
The following ciphers & MACs will be usable after the Rel4.7 update:
- AES128CTR
- AES192CTR
- AES256CTR
- AES128CBC
- AES192CBC
- AES256CBC
- TripleDESCBC
- HMACMD5
- HMACSHA1
- HMACMD596
- HMACSHA196
The following ciphers have been removed:
- ARCFOUR128
- ARCFOUR256
- BlowfishCBC
Users that have SFTP clients that connect to PDA SFTP Servers should verify they support one of the usable algorithms listed above.
The PDA Support team will be monitoring the environment to quickly address and remediate any issues that may occur.
Contact Information for Further Information: ESPC Operations at ESPCOperations@noaa.gov at 301-817-3880
Web Site(s) for applicable information: N/A
This message was sent by ESPC.Notification@noaa.gov. You have been sent this and other notifications because you have opted in to receive it. If for any reason, you wish to unsubscribe, please contact ESPC Help Desk at ESPCOperations@noaa.gov or (301) 817-3880. Please note: it may take up to two business days to process your unsubscribe request.