A [RFC|https://www.sftp.net/servers] compliant pure __SFTP/SCP__ server implementation. SSH [Tunneling|tunnels] is supported in CrushFTP. An SSH shell is __not allowed__ as its often the method used in exploits.  A shell has no purpose in file transfer.\\
\\
[Public / Private| UserManagerRestrictionsSSH] key authentication is supported too.  The ciphers can be customized to prevent wasted CPU usage from inefficient ciphers.\\
\\
By default, there is an SFTP server listener configured with __compatible__ bound to port __2222__ readily available on first deploy.\\

%%tabbedSection 
%%tab-tabTitle1
tab content 1
/%
%%tab-tabTitle2
tab content 2
/%
%%tab-tabTitle3
tab content 3
/%
/%

[{Image src='img.jpg' width='..' height='..' align='left|center|right' style='..' class='..' }]

[attachments|sftp_ssh.png]
\\
!Supported ciphers:
{{{
aes128-ctr,aes192-ctr,aes256-ctr,3des-ctr,3des-cbc,blowfish-cbc,arcfour,arcfour128,arcfour256,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
}}}
''aes128-cbc,aes192-cbc,aes256-cbc are also supported but not recommended due to their known insecurity.''\\
\\
!Supported KEX:
{{{
curve25519-sha2@libssh.org,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha1
}}}
''diffie-hellman-group1-sha1  is also supported but it is not considered secure.''\\
\\
!Supported MACs:
{{{
hmac-sha256,hmac-sha2-256,hmac-sha256@ssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256-96,hmac-sha512,hmac-sha2-512,hmac-sha512@ssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-512-96,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha1-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-md5,hmac-md5-etm@openssh.com,hmac-md5-96
}}}