Increase support/make configurable Azure Bastion https client SSH ciphers

Matthew Brown 0 Reputation points
2024-10-19T20:40:05.7633333+00:00

Hello all,

We have an encryption standard that holds chacha20-poly1305@openssh.com as the only cipher that can be used.

I now need to seek a security exception to utilize aes256-ctr as a cipher for SSH in order to support the Azure Bastion https client SSH client.

Is there a feature I'm missing that allows me to configure ciphers for the Azure Bastion https client SSH client? Or is there an ETA on this feature?

Thanks,

Matt

Azure Bastion
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
268 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sai Prasanna Sinde 2,680 Reputation points Microsoft Vendor
    2024-10-21T11:11:07.3633333+00:00

    Hi @Matthew Brown

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    ChaCha20-Poly1305 PolyChacha ciphers are supported by Windows and can be enabled in scenarios where customers control the OS. 

    User's image

    Reference: https://learn.microsoft.com/en-us/azure/bastion/bastion-overview#key

    Could you please share me the exact error message you are getting so that we can assist you further. Any logs would be appreciated.

    Kindly let us know if the above helps or you need further assistance on this issue.

    If this answers your query, do click **Accept Answer** and **Yes** for was this answer helpful. And, if you have any further query do let us know.

    Thanks,

    Sai Prasanna.

     

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.