Failure to startup SFTP service

View some of the Frequently Asked Questions to our support staff. Included are some tips and tricks making this forum ideal for users getting started with GoAnywhere MFT. Note: Users can reply to existing topics but only our support staff can add new topics to this forum.
1 post Page 1 of 1

Support_Alisa

User avatar
Posts: 13
Joined: Thu Jul 26, 2018 2:03 pm

Post by Support_Alisa » Wed Aug 08, 2018 8:24 am
Question:

My SFTP service is not starting, what could be the cause of this?

Answer:

Does your GoAnywhere system have FIPS 140-2 Compliance Mode enabled?

In order to remain FIPS compliant, GoAnywhere systems running in FIPS mode will only allow the use of FIPS approved ciphers. At the moment, the following three ciphers are the only FIPS approved ciphers -
  • AES256-CBC
    AES192-CBC
    AES128-CBC
If any other ciphers are being used by the SFTP service, the service will not start. Starting in the 5.7.0 release, you should see an error similar to "ERROR Cipher algorithm 3des-cbc is not available" or "ERROR Cipher algorithm blowfish-cbc is not available" in the goanywhere.log file.

To fix this issue, go to the SFTP service and click edit. Select "Server." Under the "Selected" column for the "Enabled Cipher Algorithms" field, remove any ciphers but the 3 specified above. Save your changes and restart the service. The service should now start and function properly.
Alisa Bohac
Sr Support Analyst
e. [email protected]
p. 1.800.949.4696
w. HelpSystems.com
1 post Page 1 of 1