you should look at CVE to search for SFTP vulnerabilities. SSH on Z is openssh, so the risks are common.
ITschak ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Continuous Monitoring for z/OS, x/Linux & IBM I **| z/VM comming son * On Tue, Apr 14, 2020 at 12:08 PM Joe Monk <[email protected]> wrote: > SFTP is FTP over SSH. FTP/S is FTP over SSL. > > SSH can use AES256-CBC ciphers. Why do you consider it insecure? > > Joe > > On Tue, Apr 14, 2020 at 3:57 AM Peter <[email protected]> wrote: > > > Hello > > > > If am correct SFTP doesn't follow TLS and has it own cryptography > > algorithm. > > > > Are there any known vulnerability for SFTP in redhat ? Or there any extra > > layer of security that can hardened on sftp apart from certificate based > > logon ? > > > > Peter > > > > ---------------------------------------------------------------------- > > For LINUX-390 subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO LINUX-390 or > > visit > > http://www2.marist.edu/htbin/wlvindex?LINUX-390 > > > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO LINUX-390 or > visit > http://www2.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www2.marist.edu/htbin/wlvindex?LINUX-390
