Cannot connect SFTP server: Failed to negotiate key exchange algorithm.
Hi,
We are using the FTP provider with the sFTP protocol and got the following error:
Cannot connect SFTP server: Failed to negotiate key exchange algorithm.
The following protocols were enabled on the server:
diffie-hellman-group14-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
[email blocked]
After adding these it worked:
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
My understanding was that you were using SSH.NET as the sFTP client, which according to their documentation should have support for multiple of the algorithms available on the server. Are you using an older version of SSH.NET?
https://github.com/sshnet/SSH.NET/
We would not like to have to rely on the sha1 algorithms. Thank you!
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by Christoffer on 22 Feb, 2023 08:26 AM
The email blocked algorithm is:
curve25519-sha256 AT libssh.org
Support Staff 2 Posted by Feodor Fitsner on 22 Feb, 2023 04:10 PM
Right, AppVeyor doesn't use the latest SSH.NET library.
Why don't you try updating it during the build, on
init
stage with the following two commands:If method signatures have not changed it could do the trick. Let me know if that worked.
3 Posted by Christoffer Bre... on 23 Feb, 2023 06:18 AM
Thanks, I’ll try that. Curious though, what version do you run? Because some of my algorithms should match even in very old versions.
Från: Feodor Fitsner <[email blocked]>
Datum: onsdag, 22 februari 2023 17:11
Till: Christoffer Bredberg <[email blocked]>
Ämne: Re: Cannot connect SFTP server: Failed to negotiate key exchange algorithm. [Problems #34048]
Support Staff 4 Posted by Feodor Fitsner on 23 Feb, 2023 06:23 PM
AppVeyor uses version
2016.0.0
.5 Posted by Christoffer on 23 Feb, 2023 06:29 PM
Thank you!
Even that version should support those algorithms according to that versions readme:
https://github.com/sshnet/SSH.NET/blob/2016.0.0/README.md
I might have confused their stated diffie-hellman-group-exchange-sha256 with our accepted diffie-hellman-group14-exchange-sha256 though. Could be a difference there, probably explains it.
Unfortunately I was not able to run your init suggestion, seems there have been changes since then:
Could not load file or assembly 'Renci.SshNet, Version=2016.0.0.0, Culture=neutral, PublicKeyToken=1cee9f8bde3db106' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
We'll stick with supporting the older algorithms for now, happy to test if you decide to upgrade the SSH.NET version in the future.
Thank you!
Support Staff 6 Posted by Feodor Fitsner on 24 Feb, 2023 04:05 AM
Or you can use WinSCP: https://help.appveyor.com/discussions/problems/33606-try-to-deploy-...
Feodor Fitsner closed this discussion on 26 Apr, 2023 09:02 PM.