I tried connecting to :22 using SftpWinFormClient sample with default settings and it is still failing:Ģ0:09:18.640 Info Info: Connecting to :22 using Sftp.Ģ0:09:18.648 Info Info: Assembly: Rebex.Sftp 2020 R1 for. Our customer who originally reported this issue in September 2019 informed us that they are going to ask their customers to report it as well, but apparently the problem still persists as of February 2020. We strongly recommend reporting this issue to Strato so they can fix it. Rebex SFTP uses rsa-sha2-256 by default (and runs into an issue because the server’s implementation is broken).This means that the following ciphers are negotiated: Rebex SFTP: server at claims to support the following ciphers:.Interestingly, common SFTP/SSH clients such as WinSCP, FileZilla and PuTTY’s psftp do not support RFC 8332 and the rsa-sha2-256 cipher yet, which means that they are not affected by this server-side issue.ĭisabling rsa-sha2-256 (and rsa-sha2-512 which is also not working properly at Strato’s server) in Rebex SFTP makes it connect successfully as well: var client = new Sftp() Ĭ("ssh-rsa", "ssh-dss", "x509v3-sign-rsa", "x509v3-sign-dss", "ecdsa-sha2-nistp256") Ĭlient.LogWriter = new ConsoleLogWriter(LogLevel.Debug) įor the sake of completeness, these are lists of supported host key ciphers of WinSCP, FileZilla (as of ) and Rebex SFTP (with default settings), in order of preference: Therefore, Rebex SFTP client rejects this mismatched signature, which is correct behavior. This cipher is supposed to use SHA-256 hash algorithm for its RSA signature (see RFC 8332), but the signature received from Strato's server is actually a signature based on SHA-1. There is something wrong with Strato server’s implementations of rsa-sha2-256 host key cipher. SshException.ProtocolMessage is "KeyExchangeFailed"īut this leaves me with a bad gut feeling as it seems to rely on internal implementation details which might change with new Rebex releases.Īny suggestions on this would be appreciated!.SshException.Status is SshExceptionStatus.OperationFailure.SftpException.Code is SftpErrorCode.UnknownError. ![]() If it matches the criteria below, try again with preferred = DSS.Try to connect with the default (preferred = RSA).Easy to restore if needed.When trying to connect to a popular German cloud storage provider via SFTP (STRATO HiDrive), an SSH key exchange failure exception occurs.Ĭhanging the PreferredHostKeyAlgorithm from RSA (which seems to be the new default since 2019 R1) "back" to DSS helps and the connection attempt succeeds, but I don't want to hard code it into my application and I want to avoid making this configurable. Securely back up videos, pictures, contacts, music files and calendars from your device to the cloud. Simply import the key created on your Windows computer and create encrypted folders on your Android device. upload your files and back them up at our TÜV-certified data centers in Germany (in accordance with ISO 27001) – where they are secure in accordance with the German Data Protection ActĪdditional functions are available in many packages. ![]() create share links and send them to your friends.email large files of up to 25 MB, in any file format. ![]()
0 Comments
Leave a Reply. |