EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElSimpleSFTPClient ignores user id / password

Posted: 05/15/2008 16:46:50
by Bob Grommes (Basic support level)
Joined: 05/15/2008
Posts: 2

When evaluating SFTP Blackbox (v5) I wrote the below test code and it worked perfectly.

When I purchased the product I got a key for v6. So I uninstalled v5 and installed v6.

Now the same code is throwing the following error:

SFTP connection failed with message: key validation handler is not assigned. PLease handle the OnKeyValidate event and implement proper key validation code there.

Question: why is the identical code ignoring the supplied user ID and password and assuming I'm trying to validate with a key?

SBSimpleSftp.TElSimpleSFTPClient SftpClient = new SBSimpleSftp.TElSimpleSFTPClient();

try {
// SFTP the file back
SftpClient.Username = "username";
SftpClient.Password = "password";
SftpClient.Address = "www.ec.somedomain.com";
SftpClient.Port = 60022;
SftpClient.ASCIIMode = false;
SftpClient.ClientHostname = "";
SftpClient.ClientUsername = "";
SftpClient.CompressionLevel = 6;
SftpClient.ForceCompression = false;
SftpClient.KeyStorage = null;
SftpClient.SFTPExt = null;
SftpClient.Versions = ((short)(28));
SBUtils.Unit.SetLicenseKey("[license key here]");
SftpClient.AuthenticationTypes = SBSSHConstants.Unit.SSH_AUTH_TYPE_PASSWORD | SBSSHConstants.Unit.SSH_AUTH_TYPE_KEYBOARD;
SftpClient.AuthenticationTypes = SftpClient.AuthenticationTypes & (~SBSSHConstants.Unit.SSH_AUTH_TYPE_PUBLICKEY);

try {
} catch(Exception ex) {
Console.WriteLine("SFTP connection failed with message: {0}",ex.Message);
Console.Write("Press any key ...");

Console.WriteLine("SFTP connection established", false);

try {
@"/FNFXFS/FTPIN/" + Path.GetFileName(scoredFile),
} catch(Exception ex) {
Console.WriteLine("Error during download: {0}",ex.Message);
Console.Write("Press any key ...");

} catch (Exception ex) {
ErrorLog.LogError(String.Format("Error PUTting file on SFTP server:{0}{1}",
Console.Write("Press any key ...");
} finally {

if (SftpClient.Active) {


Posted: 05/15/2008 16:55:54
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 442

Hi. Due to security reasons you need to set the OnKeyValidate event handler, which checks the server key validity.
Posted: 05/15/2008 18:05:59
by Bob Grommes (Basic support level)
Joined: 05/15/2008
Posts: 2

I implemented it, and it works again. But it is a breaking change, and it is not, as far as I could see, documented.
Posted: 05/16/2008 00:27:32
by Ken Ivanov (Team)

Yes, it is a breaking change, but the reason for it is enforcing validation of server keys by client applications. The protocol is NOT secure if such validation is not implemented correctly.

The change is documented in the Release notes section of the help file.



Topic viewed 3412 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!