Scribd
Upload
116 views2 pages

Impa Alerts

Uploaded by

rameshyaragala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
116 views2 pages

Impa Alerts

Uploaded by

rameshyaragala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

9/4/2020 Alerts

Action Required: Update SFTP settings by September 27th, 2020 to


continue transferring files with Waystar
From: Re: Post Date:
Client Support Team Action Required: Update SFTP settings by 9/4/2020
September 27th, 2020 to continue transferring
files with Waystar

An update to your SFTP settings is required to continue transferring files to/from Waystar. Please
disregard if you have already taken action.
These required changes only apply if you connect to SSH FTP Waystar’s host “sshftp.waystar.com” which is also known as
“sshftp.zirmed.com"

Reason for Notice

As computing power continues to advance, older encryption schemes are in jeopardy of being broken by sophisticated cyber criminals. To maintain security best practices and
protect your data, Waystar will be updating our file transfer(SFTP) encryption algorithms and public SSH key on September 27th, 2020.

Please read this notification carefully, as this transition will require changes on your side. If these changes are not made as recommended, there is a high likelihood that your file
transfer process will fail.

What you need to do now:

1. Share this notice with your IT team and/or Practice Management (whoever handles your file transfer application)

2. Block time on your IT and/or Practice Management's calendar before September 27th to complete testing using provided test site + instructions

3. On September 27th make the update

Additional materials to aid the transition:

FAQ & Technical Specifications

Why is Waystar making these changes? Waystar is dedicated to implementing best practices in data security and is continually evaluating our security posture. The National
Institute of Standards (NIST) has recommended the retirement of some older algorithms, and we are proactively enabling some of the newer algorithms. NIST is a United States
federal government agency responsible forsetting security standards to protect critical infrastructure. Waystar has no knowledge of any issues among our clients with the current
algorithms, but this update will ensure a safe, secure pathway to transmit files to Waystar and to receive files from Waystar in the years to come. These improvements will
enhance the privacy and safety of everyone’s data.

When will these changes take place? Changes to our production environment will be made Sunday, September 27th, 2020 at approximately 10:00 P.M. Eastern Daylight
Time. Prior to this change, organizations will have the opportunity to test their configuration changes against a Waystar test server.

What does my organization need to do to be ready for these changes? To ensure your organization’s file transfer application can continue to transfer files to and from
Waystar after these improvements, your organization’s application must support at least one of the encryption algorithms on our list, outlined below in the Technical
Specifications. Most up-to-date applications should already support these changes. In addition, our new public key will need to be accepted by your application. To assist in this
transition, Waystar has created a document for your technical staff to review.

A test SFTP site has been created which mimics the new algorithms in order to verify your application’s configuration. Instructions for testing are included on the technical
details document.

Technical information for Waystar SFTP algorithm and public key changes

This documentation applies to SSH FTP connections to Waystar’s host “sshftp.waystar.com” which is also known as “sshftp.zirmed.com”. Although both hostnames will continue
to be valid, the “sshftp.waystar.com” is preferred.

Step 1) Algorithm Changes - Listed below are the only SFTP algorithms Waystar will have enabled after the transition. Although all these algorithms are considered secure,
we encourage our customers to configure their SFTP applications to use the strongest algorithms supported by their particular SFTP application. The below algorithms are
listed in descending order of strength.

Key Exchange Algorithms

diffie-hellman-group16-sha512

diffie-hellman-group14-sha256

diffie-hellman-group-exchange-sha256

diffie-hellman-group14-sha1

diffie-hellman-group-exchange-sha1

Encryption Algorithms

aes256-ctr

https://general.zirmed.com/AlertListing/FullScreenAlert 1/2
9/4/2020 Alerts

aes128-ctr

aes256-cbc

aes128-cbc

MAC Algorithms

hmac-sha2-512

hmac-sha2-256

hmac-sha1

hmac-sha1-96

Compression Algorithms

zlib

none

Step 2) Public Key Change - Waystar’s current public key is in the SSH-DSS format which is deprecated by the latest version of OpenSSL. Consequently, we are changing the
public key format to SSH-RSA. This change will require your application to accept and use the new public key. It is common for SFTP applications to automatically prompt the
user to accept the new key. Batch and scripted jobs may require a manual acceptance of the new key.

Server Public Keys

ssh-rsa

Key size: 2048-bit

Key: AAAAB3NzaC1yc2EAAAABEQAAAQEAv814r1g84+wAcDbtaBzeG+BbvFOBXDULM3ISHzoIJ9AUEtvRofsyT/OluLNg5JwaqP2YFvs6jMUSt+z0Bqap

2Fl2X3SXjtazW7WTPvqSHqtnH6z/Hw6Y1YH/zNU8dRgalaeKDYalh+4zY6JuDBjnDGrrTOqka0Jrjz6/SYq+7C9EVgo+djYaUyJasffLtRRjHoHB5fLL6Hq8GQRNCpvuyp

2c2RaumHzO12FFZV7BdmsyeUE7DtsHmr/QHwiK/rc+4pqlBBOM5QekQXe8p3SU7LG/FDRuvxEYA4PJ3K6Waw6GI6ScuflwF+OxGExxJit9nx5H3rbXIY9eTI1f0fb9TQ==

MD5 Fingerprint: 97:96:c6:0a:a9:8d:6a:8f:4f:8b:57:3d:f2:f8:4e:84

Server Host Key Algorithms

ssh-rsa

Step 3) Testing Your Applications - In order to verify that your application can connect using the new algorithms prior to the cutover date, Waystar has created a test server
with the configuration that will be applied to our production server. This is only for verifying connectivity. Please do not transfer any files.

Hostname: testsftp.Waystar.com

Port: 22

Username: WaystarTest

Password: Test123!

Please note that this test server has an SSH-RSA formatted key but will not be the same key the productions server will use.

Common Scenarios and Helpful Information

*Many SFTP applications use OpenSSH libraries. As of version 7 of OpenSSH, SSH-DSS formatted keys were disabled by default

*Popular applications that are known to work with the recommend algorithms: FileZilla, CuteFTP, WinFTP, Globalscape EFT

Thank you in advance for helping Waystar continuously uphold the highest data security standards. As always, we will be available to answer any questions you have along the
way.

Waystar Client Success Team

Continue

Support & Training | Logoff


© 1999 - 2020 Waystar™ All rights reserved

https://general.zirmed.com/AlertListing/FullScreenAlert 2/2

You might also like