This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
firstname.lastname@example.org - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
There were large architecture changes required to support these ciphers. This is subject to change, however, It is our intent to back-port this stack update in an upcoming 526x FixPack (Likely 5264) by the end of the year.
Thank you very much Mr. Ryan for the update;
Like I conveyed earlier, We are on SI 525 and we are unlikely to upgrade to SI 6.0 at the moment. We might plan to upgrade to 526 may be in next year, I am not sure at the moment.
Do you have any plan to back port these features to SI 526 and SI525 releases ? If yes, in which Fix pack this is expected.
Please review the 6.0 documentation as cipher support has been upgraded. Review the following documentation
You cannot configure the SSH Key Exchange algorithms to be used with SFTP in the Sterling B2B Integrator UI. To select strong SSH Key Exchange algorithms, specify the values to be used in SSHKeyExchangeAlgList in the security.properties file. For example,
SSHKeyExchangeAlgList=diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1. You can verify the algorithm used in the SFTP Client Begin Session service status report.
diffie-hellman-group-exchange-sha256 key exchange mechanism is what we are critically interested in and any other associated key exchange mechanisms which supports SHA2 is most welcome.
We would prefer this at the earliest due to the criticality of losing partner who are strictly enforcing SHA2 key exchange mechanisms to communicate with us using SFTP.
We also request IBM to add support for SHA256 ciphers as well.
Dear Mr. Ryan,
We had requested for SHA2 support in SSH Handshake in IBM B2B Integrator product. I also created an RFE for this. As per below email I understand it as IBM is planning this feature in future releases. I do not understand which release this feature is being planned. Just to let you know, we are on 5.2.5 release and we do not have immediate plan for upgrading to new release; at-least for the next couple of months.
As per my knowledge the current version of Maverick jars (used for SSH functionalities) does support SHA2 handshake, that way I guess with minimal effort this feature can be provided in the current release.
Not having SHA2 support in SSH handshake is preventing our customers to trade with some critical partners as some of their partners are enforcing strict SHA2 support during SSH handshake. This is impacting our business with critical partners in a big way. I would request you to expedite this feature implementation and provide this in the current release we are on. This will help our business in a big way.
Thank you very much for your understanding
Hello, thank you for particiapting in the 'Request for Enhancement' community. Your input is valued. We agree with this request and have short term plans to deliver this functionality. Fundamentally there are some stack updates required in the product before we can offer these new algorithms, however that work is well under way. Please check back here for updates and/or notify your sales account team.
All the best,
Watson Customer Engagement
Several of our important partners are upgrading security standards and will not be allowing lesser algorithm than SHA2 for SSH handshake. We have been informed that we will not be able to communicate with these trading partners when the grace period runs out.
Tyco Electronics is looking to have the capability to choose to use SHA2 when directing traffic to different partners as required. We are looking at a critical business impact if the flexibility is not available soon.
Please add SHA2 support for SSH handshake as many of our partners are strictly enforcing SHA2 handshake during SSH handshake.