PUTTY 0.63 - How to define or exclude a specific Cipher?

[hanks...@gmail.com]

For OpenSSH you can do so with the -C <cipher> parameter.
Is there a method to do the same for Putty?

We tried to edit the settings at the server side to not allow aes256-ctr but rather to use aes256-cbc - but the server (in FIPS mode - works fine in non-FIPS) keeps reverting to aes256-CTR.

I am trying to determine if there is a method - through the command prompt perhaps of 'forcing' Putty SSH to use the aes256-cbc.

Thanks in advance for your feedback!

Hank Schupp. ArmyLifer98

[Owen Dunn]

hanks...@gmail.com writes:

> For OpenSSH you can do so with the -C <cipher> parameter.
> Is there a method to do the same for Putty?

No. Although we have configuration for the cipher selection policy (on
the SSH panel) it's only at the level of the cipher type (AES, Blowfish,
3DES etc.) and you can't select the number of bits or cipher mode.

For AES, PuTTY prefers aes256-ctr to aes-256-cbc.

> We tried to edit the settings at the server side to not allow
> aes256-ctr but rather to use aes256-cbc - but the server (in FIPS mode
> - works fine in non-FIPS) keeps reverting to aes256-CTR.
>
> I am trying to determine if there is a method - through the command
> prompt perhaps of 'forcing' Putty SSH to use the aes256-cbc.

Out of curiosity why are you keen to use CBC rather than CTR?

(S)
--
`Touch can bring blossom to things that decay.'