Skip to main content

Determining Which Ciphers Are Being Used

Keeping your site secure depends on knowing who is using weak or outdated encryption. If you've enabled insecure ciphers for SFTP connections, some users may still connect with old settings that aren't safe.

Your site includes reports that list which ciphers your users are connecting with. Use these reports to identify affected users, move their connections to stronger options, and then safely disable the insecure ciphers for your site.

Web Interface

Two data exports are available to show you who is connecting with insecure ciphers.

To view which ciphers a specific user is connecting with, access their user record within the web interface. In the Connections tab, a listing of Protocols & Ciphers shows every way they have connected, including whether each connection was secure and when they last used it. You can filter the listing and export this data.

For an overall view of every user connecting with insecure ciphers, review the Users Using Insecure Ciphers listing. This listing covers every user who has connected using an insecure cipher and shows when each user most recently connected with each cipher. That makes it straightforward to track progress as you update affected users.

Programmatic

You can use the Files.com Command Line App (CLI) or any of the official Files.com SDKs to generate a report of your users that are connecting with insecure ciphersExternal LinkThis link leads to an external website and will open in a new tab.