Try to deploy (SFTP) to Sourceforge: Error - Cannot connect SFTP server: Failed to negotiate key exchange algorithm.

andre_mikulec's Avatar

andre_mikulec

13 Nov, 2022 07:28 AM

Hi,

Whenever, I try to "deploy" using SFTP to Sourceforge
I am getting back the following error:

`Cannot connect SFTP server: Failed to negotiate key exchange algorithm.`

I have already checked:
  1. Password and its "encryped YAML password" in appveyor.yml
  2. Manually SFTP a small simple text file manually using my password.
      My manual SFTP transfer from my home computer to Sourceforge works..

Here is my most recent failure:

https://ci.appveyor.com/project/AndreMikulec/appveyortest4/builds/45364945#L17
and its appveyor.yml file
https://github.com/AndreMikulec/appveyortest4/blob/35fb8c5c65e896473889b7a446c0a6dfaa15a940/appveyor.yml#L29
```
deploy:
  - provider: FTP
    host: frs.sourceforge.net
    protocol: sftp
    # https://sourceforge.net/projects/andremikulec/files/
    username: andremikulec,andremikulec.u
    password:
      secure: AZOInJ/FinCYx+tbyshJR5VWUISswlz5yiGDqfgEXLg=
    artifact: ALPHA
    folder: /home/frs/project/andremikulec
    application:
    active_mode: false
    debug: true
```

With the same "deploy" structure(account, password, host, target folder),
here is a successful deployment from two(2) months ago:
`R 4.2.1 - tests: EARLY SEP 2022 build jobs`
https://ci.appveyor.com/project/AndreMikulec/r-base/builds/44724663/job/jsx682x3whu9v729#L24375
and its appveyor.yml file
https://github.com/AndreMikulec/r-base/blob/2e0da96cda5b817c450c678507a20731512e181e/appveyor.yml#L83

```
  - provider: FTP
    host: frs.sourceforge.net
    protocol: sftp
    # https://sourceforge.net/projects/andremikulec/files/
    username: andremikulec,andremikulec.u
    password:
      secure: AZOInJ/FinCYx+tbyshJR5VWUISswlz5yiGDqfgEXLg=
    artifact: "%APPVEYOR_PROJECT_SLUG%_%appveyor_build_version%_%version%_%DEPLOYNAME%.7z"
    folder: /home/frs/project/andremikulec
    application:
    active_mode: false
```

Please help.

Thanks,
Andre

  1. Support Staff 1 Posted by Feodor Fitsner on 14 Nov, 2022 12:25 AM

    Feodor Fitsner's Avatar

    Hi Andre,

    Checking the logs I see that both successful and failed builds have been running on Visual Studio 2015 image and in the same build environment. Visual Studio 2015 image wasn't changed for the last 3 months. Build Agent was not updated during that period as well.

    However, that https://ci.appveyor.com/project/AndreMikulec/appveyortest4 project is running on Visual Studio 2019 image and gives the same error which is strange.

    I suspect something changed on SF side (like an update exchange algorithm?) which is not yet supported by a SFTP library used in AppVeyor Build Agent.

    You can try using WinSCP for deployment to SF.

    The general algorithm for using WinSCP in a build script:

    deploy_script:
    - cmd: |
        choco install -y winscp
        echo open ftpes://%FTP_USER%:%FTP_PSW%@<your-ftp-server>/ > ftp.txt
        echo put <somefile> / >> ftp.txt
        echo exit >> ftp.txt
        "C:\Program Files (x86)\WinSCP\winscp.com" /script=ftp.txt
    

    where FTP_USER and FTP_PSW are secure environment variables defined on either project settings UI or in appveyor.yml.

    Let me know if that worked.

  2. 2 Posted by andre_mikulec on 15 Nov, 2022 02:07 AM

    andre_mikulec's Avatar

    Feodor Fitsner,

    Short answer: the situation may be? . . .
    "The server's host key was not found in the cache."

    Long answer:

    In this particular case, this SFTP host is on Sourceforge.
    In this help request, everything is public knowledge EXCEPT my password %FTP_PSW%.

    Sourceforge docs that I followed.
    https://sourceforge.net/p/forge/documentation/SFTP/

    MY_PASSWORD is not "my password".
    I stored my real password in the web interface Appveyor environment variable FTP_PSW.

    Here are results . .

    I tried locally using ftpes:

    C:\Users\AnonymousUser\Downloads>type ftp.txt
    open ftpes://andremikulec,andremikulec.u:[email blocked]/
    put ALPHA.txt /home/frs/project/andremikulec/
    exit
    

    local sftpes output:

    C:\Users\AnonymousUser\Downloads>winscp.com /script=ftp.txt
    Connecting to frs.sourceforge.net ...
    Connection failed.
    Timeout detected. (control connection)
    Connection failed.
    

    Following "open command"
    https://winscp.net/eng/docs/scriptcommand_open
    I tried locally using sftp:

    C:\Users\AnonymousUser\Downloads>type ftp_frs_2.txt
    open sftp://andremikulec,andremikulec.u:[email blocked]/
    put ALPHA.txt /home/frs/project/andremikulec/
    

    local sftp output:

    C:\Users\AnonymousUser\Downloads>winscp.com /script=ftp_frs_2.txt
    Searching for host...
    Connecting to host...
    Authenticating...
    Using username "andremikulec,andremikulec.u".
    Authenticating with pre-entered password.
    Authenticated.
    Starting the session...
    Session started.
    Active session: [1] andremikulec,[email blocked]
    Using configured transfer settings different from factory defaults.
    ALPHA.txt                 |            7 B |    0.0 KB/s | ascii  | 100%
    

    I tried online using ftpes:
    https://github.com/AndreMikulec/appveyortest4/blob/b8a108d9a3005235...

    deploy_script:
    - cmd: |
        choco install -y winscp
        echo open ftpes://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ > ftp.txt 2>&1 || date /t
        echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
        echo exit >> ftp.txt
        set PATH=C:\Program Files (x86)\WinSCP;%PATH%
        winscp.com /script=ftp.txt
    

    online ftpes output:
    https://ci.appveyor.com/project/AndreMikulec/appveyortest4/builds/4...

    echo open ftpes://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ > ftp.txt 2>&1 || date /t
    echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
    echo exit >> ftp.txt
    set PATH=C:\Program Files (x86)\WinSCP;%PATH%
    winscp.com /script=ftp.txt
    Connecting to frs.sourceforge.net ...
    Connection failed.
    Timeout detected. (control connection)
    Connection failed.
    Command exited with code 1
    

    I tried online using sftp:
    https://github.com/AndreMikulec/appveyortest4/blob/2515b789a12e9726...

    deploy_script:
    - cmd: |
        choco install -y winscp
        echo open sftp://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ > ftp.txt 2>&1 || date /t
        echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
        echo exit >> ftp.txt
        set PATH=C:\Program Files (x86)\WinSCP;%PATH%
        winscp.com /script=ftp.txt
    

    online sftp output:
    https://ci.appveyor.com/project/AndreMikulec/appveyortest4/builds/4...

    echo open sftp://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ > ftp.txt 2>&1 || date /t
    echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
    echo exit >> ftp.txt
    set PATH=C:\Program Files (x86)\WinSCP;%PATH%
    winscp.com /script=ftp.txt
    Searching for host...
    Connecting to host...
    Authenticating...
    Continue connecting to an unknown server and add its host key to a cache?
    The server's host key was not found in the cache. You have no guarantee that the server is the computer you think it is.
    The server's Ed25519 key details are:
        Algorithm:  ssh-ed25519 255
        SHA-256:    209BDmH3jsRyO9UeGPPgLWPSegKmYCBIya0nR/AWWCY
        MD5:        6e:b2:16:7a:ee:b6:c2:23:c5:8f:ff:e7:9d:cd:d4:1a
    If you trust this host, press Yes. To connect without adding host key to the cache, press No. To abandon the connection press Cancel.
    In scripting, you should use a -hostkey switch to configure the expected host key.
    (Y)es, (N)o, C(a)ncel (10 s), (C)opy Key, (P)aste key: 
    Host key wasn't verified!
    Host key fingerprint is ssh-ed25519 255 209BDmH3jsRyO9UeGPPgLWPSegKmYCBIya0nR/AWWCY.
    Authentication failed.
    Command exited with code 1
    

    I followed this:
    https://winscp.net/eng/docs/scriptcommand_open

    -hostkey="<fingerprint>"
    -hostkey="acceptnew"
    

    I tried online using sftp:
    https://github.com/AndreMikulec/appveyortest4/blob/40c7d4b7388e6985...

    deploy_script:
    - cmd: |
        choco install -y winscp
        echo open sftp://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ -hostkey="acceptnew" > ftp.txt 2>&1 || date /t
        echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
        echo exit >> ftp.txt
        set PATH=C:\Program Files (x86)\WinSCP;%PATH%
        winscp.com /script=ftp.txt
    

    online sftp output:
    https://ci.appveyor.com/project/AndreMikulec/appveyortest4/builds/4...

    echo open sftp://andremikulec,andremikulec.u:%FTP_PSW%@frs.sourceforge.net/ -hostkey="acceptnew" > ftp.txt 2>&1 || date /t
    echo put ALPHA.txt /home/frs/project/andremikulec/ >> ftp.txt
    echo exit >> ftp.txt
    set PATH=C:\Program Files (x86)\WinSCP;%PATH%
    winscp.com /script=ftp.txt
    Searching for host...
    Connecting to host...
    Authenticating...
    Using username "andremikulec,andremikulec.u".
    Authenticating with pre-entered password.
    Authenticated.
    Starting the session...
    Session started.
    Active session: [1] andremikulec,[email blocked]
    ALPHA.txt                 |            8 B |    0.0 KB/s | binary | 100%
    Build success
    

    What happens next?

    Thanks,
    Andre

  3. Support Staff 3 Posted by Feodor Fitsner on 15 Nov, 2022 04:16 AM

    Feodor Fitsner's Avatar

    Hi Andre,

    Thanks for your time investigating this! That knowledge will definitely help other AppVeyor users having the same issues/requirements!

    If it works with WinSCP then use it going forward.

    I will try looking if that could be implemented with .NET FTP library used in AppVeyor Build Agent, but honestly we have never been able to find a decent .NET FTP client with OS license.

  4. 4 Posted by andre_mikulec on 15 Nov, 2022 08:48 PM

    andre_mikulec's Avatar

    If it works with WinSCP then use it going forward. O.K. Thanks

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac