ADF Cipher Suite

Question

ADF Cipher Suite

Jesse White 1

We're encountering an issue in ADF when connecting to an eBay SFTP. They have deprecated certain ciphers and are requesting that we use a different cipher in order to connect.

Deprecated Ciphers and MACs
CBC Ciphers MD5 MACs
aes128-cbc hmac-md5
aes192-cbc hmac-md5-96
aes256-cbc ******@openssh.com
blowfish-cbc
3des-cbc
3des-ctr
arcfour
arcfour128
arcfour256

I can't see anywhere in the SFTP linked service or ADF where you can configure certain ciphers to use. Has anyone else encountered an issue similar to this?

Vinodh247 34,661 Reputation points MVP Volunteer Moderator

2022-08-12T07:33:46.547+00:00

Hi JesseWhite,

Thanks for reaching out to Microsoft Q&A.

I see a similar discussion that has been discussed before, check if this help to solve your issue.

https://stackoverflow.com/questions/61272370/sftp-connection-customization-parameterization

Please Upvote and Accept as answer if the reply was helpful.
Jesse White 1 Reputation point

2022-08-12T07:44:08.207+00:00

Thanks @Vinodh247

I don't think this will solve the issue. We don't need to parameterize the username/pass etc.

I would like to know what cipher suite ADF is using to connect to an SFTP.

For context, I am just using 'Basic' authentication type and disabling SSH host key validation.
ShaikMaheer-MSFT 38,546 Reputation points Microsoft Employee Moderator

2022-08-16T09:04:11.277+00:00

Hi @Jesse White ,

I believe you are using SFTP connector here. Kindly correct me if I am wrong.

I referred below SFTP connector documentation. I dont see any property which allows us to set Cipher details. I am checking more on this with internal team. I will share updates soon.
https://learn.microsoft.com/en-us/azure/data-factory/connector-sftp?tabs=data-factory

1 answer

Your answer

Vinodh247 34,661 Reputation points MVP Volunteer Moderator

2022-08-12T07:33:46.547+00:00

Hi JesseWhite,

Thanks for reaching out to Microsoft Q&A.

I see a similar discussion that has been discussed before, check if this help to solve your issue.

https://stackoverflow.com/questions/61272370/sftp-connection-customization-parameterization

Please Upvote and Accept as answer if the reply was helpful.
Jesse White 1 Reputation point

2022-08-12T07:44:08.207+00:00

Thanks @Vinodh247

I don't think this will solve the issue. We don't need to parameterize the username/pass etc.

I would like to know what cipher suite ADF is using to connect to an SFTP.

For context, I am just using 'Basic' authentication type and disabling SSH host key validation.
ShaikMaheer-MSFT 38,546 Reputation points Microsoft Employee Moderator

2022-08-16T09:04:11.277+00:00

Hi @Jesse White ,

I believe you are using SFTP connector here. Kindly correct me if I am wrong.

I referred below SFTP connector documentation. I dont see any property which allows us to set Cipher details. I am checking more on this with internal team. I will share updates soon.
https://learn.microsoft.com/en-us/azure/data-factory/connector-sftp?tabs=data-factory

Answer 1

ShaikMaheer-MSFT 38,546 Microsoft Employee Moderator

Hi @Jesse White ,

I got update from internal team.

By product design, SFTP connector Cipher details are not exposed. Hence, we can control them from frontend. It's completely handled by product itself.

I would encourage you to add feedback item for this in below link, if you feel adding this capability helps.
https://feedback.azure.com/d365community/forum/1219ec2d-6c26-ec11-b6e6-000d3a4f032c

Product team closely monitor feedbacks and consider them feature releases.

Hope this helps. Please let us know your comments.

ShaikMaheer-MSFT 38,546 Reputation points Microsoft Employee Moderator

2022-09-14T05:50:15.517+00:00

Hi @Jesse White ,

Just checking in to see if the above answer helped. If this answers your query, do click and upvote for the same. And, if you have any further query do let us know.

Share via

ADF Cipher Suite

1 answer

Your answer