[SOLVED] How to check the encryption algorithm being used in the SFTP session through WinSCP?

Issue

I am using WinSCPnet, Version=5.19.0 for file transfer using SFTP. The vendor where I was transferring file has deprecated a couple of ciphers. I want to check which cipher or encryption algorithm is being used by SFTP session which I am using in my code.

Here is my code to open the SFTP connection:

SessionOptions sessionOptionsSFTP = new SessionOptions
{
    Protocol = Protocol.Sftp,
    HostName = sftpServerIP,
    UserName = sftpUserID,
    Password = sftpPassword,
    PortNumber = sftpPort,
    SshHostKeyFingerprint = sftpHostKey,
    Timeout = new TimeSpan(0, 2, 0)
};

Session sessionSFTP = new Session();

sessionSFTP.Open(sessionOptionsSFTP);
log.Info("SFTP session has been opened");

Is there a way to log or check which algorithm is being used?

Solution

To check what algorithms are supported by your version of WinSCP .NET assembly, lookup the winscp.exe binary in your assembly package (or just download WinSCP 5.19 binary separately).

And run it with /info command-line parameter. You will get:

SSH encryption ciphers:
aes256-ctr
aes256-cbc
[email protected]
aes192-ctr
aes192-cbc
aes128-ctr
aes128-cbc
[email protected]
blowfish-ctr
blowfish-cbc
3des-ctr
3des-cbc
arcfour256
arcfour128
des-cbc
[email protected]
...

---

To check what algorithms are actually used by your session, inspect the session log file. Enable it by setting Session.SessionLogPath.

. 2023-10-31 12:30:38.501 Have a known host key of type ecdsa-sha2-nistp521
. 2023-10-31 12:30:38.503 Doing ECDH key exchange with curve Curve25519, using hash SHA-256
. 2023-10-31 12:30:38.762 Server also has ssh-ed25519/ecdsa-sha2-nistp256/ecdsa-sha2-nistp384/ssh-dss/rsa-sha2-512/rsa-sha2-256/ssh-rsa host keys, but we don't know any of them
. 2023-10-31 12:30:38.763 Host key fingerprint is:
. 2023-10-31 12:30:38.763 ecdsa-sha2-nistp521 521 SHA256:p3ZteKYBFsSyFh18yOaczZEqoXnn135qqH1VqdIzQ8k
< 2023-10-31 12:30:38.764 Script: Authenticating...
. 2023-10-31 12:30:38.765 Host key matches configured key fingerprint
. 2023-10-31 12:30:38.766 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2023-10-31 12:30:38.766 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2023-10-31 12:30:38.766 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2023-10-31 12:30:38.766 Initialised HMAC-SHA-256 inbound MAC algorithm

---

Though I strongly discourage you from using old version of WinSCP. Use the latest version instead.

Answered By - Martin Prikryl

Answer Checked By - Mary Flores (WPSolving Volunteer)