Exclude the selective SSH algorithms in On-Premise Poller during SFTP Transfer monitoring

Exclude the selective SSH algorithms in On-Premise Poller during SFTP Transfer monitoring

By excluding SSH algorithms, you can restrict Site24x7 SSH Client from using the excluded algorithm while connecting to the SSH server during SFTP Transfer monitoring. Follow the steps mentioned below for SSH algorithm exclusion in On-Premise Poller during SFTP Transfer Monitoring:


Prerequisite:

Ensure that the On-Premise Poller is of version 4.6.9 or above.  If not, please update the On-Premise Poller to the latest version by navigating to Admin > On-Premise Poller and then hover over the hamburger icon on the right corner of the selected poller. Then click Upgrade and wait for a few mins for it to be upgraded.

  1. Navigate to the On-Premise Poller installed directory in your system and then open the conf folder.

  2. Right-click on the EUMServer.properties file and open it in any text editor. Use the below keys to disable the algorithms in the file. Be careful not to modify any existing keys in the EUMServer.properties file:               

    1. ftp.exclude.kex.alg

    2. ftp.exclude.ciphers

    3. ftp.exclude.hamcs

    4. ftp.exclude.public.key.alg

    5. ftp.exclude.digest


For instance, to exclude "diffie-hellman-group-exchange-sha256" from KEX and "hmac-sha256" & "hmac-sha2-256-96" from HAMCs, change the value of the keys "ftp.exclude.kex.alg"and "ftp.exclude.hamcs" provide the keys as mentioned below: 
                     ftp.exclude.hamcs=hmac-sha256, hmac-sha2-256-96
                     ftp.exclude.kex.alg=diffie-hellman-group-exchange-sha256

# Provide a comma-seperated list of algorithms to be excluded.

#Supported Key Exchange Algorithm : diffie-hellman-group-exchange-sha256, diffie-hellman-group18-sha512, diffie-hellman-group17-sha512, diffie-hellman-group16-sha512, diffie-hellman-group15-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group1-sha1

ftp.exclude.kex.alg=diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha256

#Supported Ciphers : ssh1-des, ssh1-3des, aes128-ctr, aes192-ctr, aes256-ctr, 3des-ctr, 3des-cbc, blowfish-cbc, aes128-cbc, aes192-cbc, aes256-cbc, arcfour, arcfour128, arcfour256, aes128-gcm@openssh.com, aes256-gcm@openssh.com

ftp.exclude.ciphers=aes192-ctr, aes256-ctr


#Supported HMAC : hmac-sha256, hmac-sha2-256-96, hmac-sha512, hmac-sha2-512-96, hmac-sha1, hmac-sha1-96, hmac-ripemd160, hmac-md5, hmac-md5-96


ftp.exclude.hamcs=hmac-sha256, hmac-sha2-256-96


#Supported Public Key : ssh-dss, ssh-rsa, x509v3-sign-rsa, x509v3-sign-dss, x509v3-sign-rsa-sha1, x509v3-ssh-rsa, x509v3-ssh-dss, x509v3-ecdsa-sha2-nistp256, x509v3-ecdsa-sha2-nistp384, x509v3-ecdsa-sha2-nistp521, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, x509v3-rsa2048-sha256, ssh-rsa-cert-v01@openssh.com, ssh-dss-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519

ftp.exclude.public.key.alg=x509v3-sign-rsa, x509v3-sign-dss

#Supported Digest : MD5, SHA-1, SHA1, SHA-256, SHA-384, SHA-512


ftp.exclude.digest=SHA1, SHA-256

      3. Restart the On-Premise Poller to get the changes updated.

Notes
 If the On-Premise Poller is upgraded soon after applying the above changes, the exclusion will get reverted. Please repeat the above process in this case.

    • Related Articles

    • Troubleshooting false positive alerts in monitoring

      Problem False positive alerts are being generated. Possible cause The monitoring system is down in some locations. The Website monitor might be configured for one location, such as Seattle, but may appear down when accessed from another location, ...
    • Exclude Site24x7 monitoring traffic from Google Analytics

      You can exclude traffic from the Site24x7 Web Transaction (Browser) monitor and Webpage Speed (Browser) traffic from Google Analytics in two ways. To exclude traffic for the Web Defacement monitor, you can follow the first method. 1. Creating a ...
    • Compare our various methodologies for Website Monitoring

      Get to know Site24x7 monitors better and choose the one that best fits your monitoring needs. Compare the functionality of the following monitors: Website Monitoring Webpage Speed (Browser) Web Transaction Monitoring Web Transaction (Browser) SSL/TLS ...
    • Response time in Website monitoring

      In website monitoring, response time is calculated as the total time taken to resolve the DNS, complete the TCP hand-shake, negotiate an SSL handshake (for HTTPS) and download the full HTML output from the server. However, it does not include getting ...
    • Difference between website monitoring and REST API monitoring

      Website monitoring allows you to monitor your websites and web applications to ensure that they are up and running. Website monitor verifies the availability of specified, addressable, standard HTTP and HTTPS URLs from over 100+ global locations and ...