J.P. Morgan Host-to-Host SSH Support

Updated on May 1, 2025 

SSH Key Updates

The SSH Key for the SFTP protocol will be replaced on November 7, 2026 after 5 p.m. ET. The new keys will be available to download below after November 2, 2026.  Going forward, after the replacement on November 7, the SFTP SSH Key will be rotated every 6 months.

  • Production: transmissions.jpmsec.cc

If you connect via SFTP to transmissions.jpmsec.cc on port 22, please download the J.P. Morgan public key and rename as needed. The fingerprint is: fd:10:48:72:08:25:42:13:85:e7:70:72:ae:10:2a:7d and will be replaced on November 7, 2026.

 

  • If J.P. Morgan pushes files to you via SFTP, please download the J.P. Morgan public host key and rename as needed. The fingerprint is: dc:93:d3:63:0b:03:74:7a:50:e4:97:de:8c:ae:fc:0f  and will be replaced  on November 7, 2026.

Host-to-Host Supported SSH Ciphers

Only the following ciphers are supported for internet-based connections via applications that use Secure File Transfer Protocol (SFTP):

  • Supported Ciphers for SSH
  • Supported Keyed-Hash Message Authentication Code (HMAC)
    • hmac-sha2-512
    • hmac-sha2-256
  • Supported SSH Key Exchange Algorithms and Public Keys Supported
    • diffie-hellman-group-exchange-sha256
    • ecdh-sha2-nistp256
    • ecdh-sha2-nistp384
    • ecdh-sha2-nistp521
    • diffie-hellman-group16-sha512
    • Diffie-hellman-group18-sha512
    • diffie-hellman-group14-sha256
    • curve25519-sha256
    • curve25519-sha256@libssh.org
  • Supported SSH Host Key Algorithms
    • ecdsa-sha2-nistp256-cert-v01@openssh.com
    • ecdsa-sha2-nistp384-cert-v01@openssh.com
    • ecdsa-sha2-nistp521-cert-v01@openssh.com
    • ssh-ed25519-cert-v01@openssh.com
    • ecdsa-sha2-nistp256
    • ecdsa-sha2-nistp384
    • ecdsa-sha2-nistp521
    • ssh-ed25519
    • ssh-rsa-sha256 
    • ssh-rsa-sha512 
    • ssh-rsa

If your application does not support the available ciphers or does not have the required encryption capabilities, it may be necessary to change its configuration, upgrade it to current version, switch to another protocol or replace it.

Application Compatibility

Client software applications that are known to connect successfully to Host-to-Host are shown below. Note that this list may change over time, and it is best practice to only use supported current versions of third-party applications. The use and functionality of third-party software is subject to change without notice, and, is therefore not recommended or endorsed. J.P. Morgan makes no representation, explicit or implied, as to the functionality, quality, or suitability of any third-party software referenced below.

  • Axway Secure Client 6.1, 6.2, 6.3
  • Curl 7.58.0
  • FileZilla Client 3.10.x
  • PSCP (PuTTY) 0.70
  • PSFTP (PuTTY SFTP) 0.70
  • VanDyke SecureFX 8.3
  • WinSCP 5.13
  • OpenSSH 7.6