EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SecureBlackBox.SFTP - connection lost error code 10058

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#18913
Posted: 02/03/2012 06:34:10
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

I am using SecureBlackbox in a dot.net c# application, on a windows server 2003 - running ssh/sftp tectia, which is trying to connect to a Linux server (Red Hat Enterprise Linux Server release 5.6 (Tikanga).

I am facing an issue where our application has stopped working. The connection used to work, but now it is unable to establish a connection using the c# application. Both System admins of the Linux and Windows servers are saying the have not installed any hotfixes or pathches or modified any configuration settings, since it successfully worked.

I have successfully connect using the sftp2 command in tectica - to proved the public key installation is still valid:
(change the path to the key to protect the user name on the server to path-to-private-key and linux server name!)

sftp2 -K C:\path-to-private-key\id_dsa_2048_a linux_user_name@linux_server_name.net


But when I run the c# application I receive the following error:

ERROR: SFTP connection failed with message [Connection lost (error code is 10058)]
Trace: at S_FTP.Sftp.C
*** Detailed Exception Trace ***Type:System.Exception
Msg:SFTP connection failed with message [Connection lost (error code is 10058)]
Trace: at S_FTP.Sftp.Connect(String hostName, String username, String password, String privateKeyFilename)
at PublisherGenNS.PublisherGen.SetConnectionDetails(String& ps_ReturnMsg, String ps_Server, String ps_User, String ps_Pwd, String ps_Last_Seq_ID, String ps_FTP_IP_Add, String ps_FTP_Path, String ps_FTP_User, String ps_FTP_Pwd)



The Linux side log for the duration of the failure is as follows:

(I've changed servernames and I.P. to protect secure info and replaced with the follows!:
dest_server_name
source-server-name
source-server-IP
dest-server-IP
)


Jan 31 10:07:57 dest_server_name ssh-server-g3: 400 Connect, Policy name: connection, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, Ver: SSH-2.0-SecureBlackbox.7, Session-Id: 117 Jan 31 10:07:57 dest_server_name ssh-server-g3: 1002 Algorithm_negotiation_success, "kex_algorithm=diffie-hellman-group14-sha1, hostkey_algorithm=ssh-rsa, cipher=aes256-cbc/aes256-cbc, mac=hmac-sha256@ssh.com/hmac-sha256@ssh.com, compression=none/none", Session-Id: 117 Jan 31 10:07:58 dest_server_name ssh-server-g3: 1003 KEX_success, Algorithm: diffie-hellman-group14-sha1, Modulus: 2048 bits, Session-Id: 117, Protocol-session-Id: 578849EF5965FF8F0943BB8080C2BBD9A44C012D
Jan 31 10:07:58 dest_server_name ssh-server-g3: 411 Login_failure, Username: , Reason: Connection lost, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, "Connection lost, Local Disconnect", Session-Id: 117 Jan 31 10:07:58 dest_server_name ssh-server-g3: 402 Disconnect, Reason: Connection lost, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, "Connection lost, Local Disconnect", Session-Id: 117


I have also attempted to connect using the SimpleSftpDemo - and get the following error:
Error 105
Connection failed due to exception:Connection lost(error code is 10058)
Server software identified itself as:6.2.2.198 SSH Tectia Server

Thanks for any advise or info you can provide. Please let me know if you need any more information
#18914
Posted: 02/03/2012 06:58:28
by Eugene Mayevski (EldoS Corp.)

This type of issues has been discussed many times here in the forum. Did you use search? I can answer your post but this answer will be identical to what you could find using Search.


Sincerely yours
Eugene Mayevski
#18915
Posted: 02/03/2012 06:58:58
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

First of all try to do the following:

1) set AutoAdjustTransferBlock property to false
2) set PipelineLength property to 1

Check if it works. If it does, increase PipelineLength property (try value of 4 to see if pipelining is supported by the server, then to 16 or 8 to see how many pipelined packets the server will handle correctly).

If this doesn't help then please refer to this article: http://www.eldos.com/sbb/articles/4796.php
#18921
Posted: 02/03/2012 11:26:34
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Quote
Eugene Mayevski wrote:
This type of issues has been discussed many times here in the forum. Did you use search? I can answer your post but this answer will be identical to what you could find using Search.
Eugene Mayevski

Thanks for you comment - I searched but there was nothing specific to my situation where the connection stopped working, or was still working when performing a manual tectia SFTP.
#18922
Posted: 02/03/2012 11:58:38
by Eugene Mayevski (EldoS Corp.)

Frankly speaking I don't think so. All "suddenly stopped working" issues have reasons, and all those reasons are beyond our control.

As for "doesn't work now with error 10058" - this issue has been discussed zillion times and all we can recommend is post a link to the FAQ again and again.

Now, if you have a license, please assign the license ticket to your user account before we continue. The ticket itself and the procedure of it's use are specified in the registration e-mail that was sent to you upon license purchase.


Sincerely yours
Eugene Mayevski
#19518
Posted: 03/19/2012 09:50:26
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi Eugene,

I am still having problems with this issue. I've only just been granted access to a test RedHat server with the offending tectia patch installed. I now have an environment I can test in.

In reference to your last point, on the license ticket. The company (CitiGroup) does have a license for the application, but I'm not sure what you mean but the license ticket, and also how to assign this to my account?

I have a licence key for version 7. Which is a 513 character value. Is this what you mean?

Thanks
#19519
Posted: 03/19/2012 09:54:40
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Have you tried to follow the steps described in the article I've posted above?
#19520
Posted: 03/19/2012 10:16:35
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi,

Yes. I've tried the following with out success.

1) set AutoAdjustTransferBlock property to false
2) set PipelineLength property to 1

And - everything in 'http://www.eldos.com/sbb/articles/4796.php', except the following - as I not too sure how to do this.

Number 5. I switched the option on (AutoAdjustCiphers) - still no luck.
But I am not sure how "turn off all algorithms except":

-------------------
Quote:

If no, turn off all algorithms except the listed ones:
1) known encryption algorithms: SSH_EA_3DES, SSH_EA_DES. Adjustable using EncryptionAlgorithms property of the client component.

2) known key exchange algorithms: SSH_KEX_DH_GROUP, SSH_KEX_DH_GROUP_EXCHANGE. Adjustable using KEXAlgorithms property of the client component.

3) known MAC algorithms: SSH_MA_HMAC_SHA1, SSH_MA_HMAC_MD5. Adjustable using MACAlgorithms property of the client component.

4) known public key algorithms: SSH_PK_DSS, SSH_PK_RSA. Adjustable using PublicKeyAlgorithms property of the client component. Often specifying both DSS and RSA leads to the server crash. In this case you need to keep just one algorithm active.
-------------------



In addition to this - is there a way we can run SecureBlack box in debug mode? To show additional info on the point of failure?
#19521
Posted: 03/19/2012 10:29:35
by Eugene Mayevski (EldoS Corp.)

Let's continue in HelpDesk. I'll copy your message there now.


Sincerely yours
Eugene Mayevski
#19523
Posted: 03/19/2012 10:38:01
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi Eugene,

Not sure what 'HelpDesk' is? Also - I've been send an email to a completely different issue thread:

---------------------

Topic title:
Failed to parse ftp.microsoft.com

Message author: Martin Plante
Message date: 03/19/2012 10:32:03
Message text:

Message address:
https://www.eldos.com/forum/read.php?FID=7&TID=3555
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 14178 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!