EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SecureBlackBox.SFTP - connection lost error code 10058

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#18913
Posted: 02/03/2012 06:34:10
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

I am using SecureBlackbox in a dot.net c# application, on a windows server 2003 - running ssh/sftp tectia, which is trying to connect to a Linux server (Red Hat Enterprise Linux Server release 5.6 (Tikanga).

I am facing an issue where our application has stopped working. The connection used to work, but now it is unable to establish a connection using the c# application. Both System admins of the Linux and Windows servers are saying the have not installed any hotfixes or pathches or modified any configuration settings, since it successfully worked.

I have successfully connect using the sftp2 command in tectica - to proved the public key installation is still valid:
(change the path to the key to protect the user name on the server to path-to-private-key and linux server name!)

sftp2 -K C:\path-to-private-key\id_dsa_2048_a linux_user_name@linux_server_name.net


But when I run the c# application I receive the following error:

ERROR: SFTP connection failed with message [Connection lost (error code is 10058)]
Trace: at S_FTP.Sftp.C
*** Detailed Exception Trace ***Type:System.Exception
Msg:SFTP connection failed with message [Connection lost (error code is 10058)]
Trace: at S_FTP.Sftp.Connect(String hostName, String username, String password, String privateKeyFilename)
at PublisherGenNS.PublisherGen.SetConnectionDetails(String& ps_ReturnMsg, String ps_Server, String ps_User, String ps_Pwd, String ps_Last_Seq_ID, String ps_FTP_IP_Add, String ps_FTP_Path, String ps_FTP_User, String ps_FTP_Pwd)



The Linux side log for the duration of the failure is as follows:

(I've changed servernames and I.P. to protect secure info and replaced with the follows!:
dest_server_name
source-server-name
source-server-IP
dest-server-IP
)


Jan 31 10:07:57 dest_server_name ssh-server-g3: 400 Connect, Policy name: connection, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, Ver: SSH-2.0-SecureBlackbox.7, Session-Id: 117 Jan 31 10:07:57 dest_server_name ssh-server-g3: 1002 Algorithm_negotiation_success, "kex_algorithm=diffie-hellman-group14-sha1, hostkey_algorithm=ssh-rsa, cipher=aes256-cbc/aes256-cbc, mac=hmac-sha256@ssh.com/hmac-sha256@ssh.com, compression=none/none", Session-Id: 117 Jan 31 10:07:58 dest_server_name ssh-server-g3: 1003 KEX_success, Algorithm: diffie-hellman-group14-sha1, Modulus: 2048 bits, Session-Id: 117, Protocol-session-Id: 578849EF5965FF8F0943BB8080C2BBD9A44C012D
Jan 31 10:07:58 dest_server_name ssh-server-g3: 411 Login_failure, Username: , Reason: Connection lost, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, "Connection lost, Local Disconnect", Session-Id: 117 Jan 31 10:07:58 dest_server_name ssh-server-g3: 402 Disconnect, Reason: Connection lost, Src: source-server-name, Src IP: source-server-IP, Dst IFace: default, Dst IP: dest-server-IP, Src Port: 3127, Dst Port: 22, "Connection lost, Local Disconnect", Session-Id: 117


I have also attempted to connect using the SimpleSftpDemo - and get the following error:
Error 105
Connection failed due to exception:Connection lost(error code is 10058)
Server software identified itself as:6.2.2.198 SSH Tectia Server

Thanks for any advise or info you can provide. Please let me know if you need any more information
#18914
Posted: 02/03/2012 06:58:28
by Eugene Mayevski (EldoS Corp.)

This type of issues has been discussed many times here in the forum. Did you use search? I can answer your post but this answer will be identical to what you could find using Search.


Sincerely yours
Eugene Mayevski
#18915
Posted: 02/03/2012 06:58:58
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

First of all try to do the following:

1) set AutoAdjustTransferBlock property to false
2) set PipelineLength property to 1

Check if it works. If it does, increase PipelineLength property (try value of 4 to see if pipelining is supported by the server, then to 16 or 8 to see how many pipelined packets the server will handle correctly).

If this doesn't help then please refer to this article: http://www.eldos.com/sbb/articles/4796.php
#18921
Posted: 02/03/2012 11:26:34
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Quote
Eugene Mayevski wrote:
This type of issues has been discussed many times here in the forum. Did you use search? I can answer your post but this answer will be identical to what you could find using Search.
Eugene Mayevski

Thanks for you comment - I searched but there was nothing specific to my situation where the connection stopped working, or was still working when performing a manual tectia SFTP.
#18922
Posted: 02/03/2012 11:58:38
by Eugene Mayevski (EldoS Corp.)

Frankly speaking I don't think so. All "suddenly stopped working" issues have reasons, and all those reasons are beyond our control.

As for "doesn't work now with error 10058" - this issue has been discussed zillion times and all we can recommend is post a link to the FAQ again and again.

Now, if you have a license, please assign the license ticket to your user account before we continue. The ticket itself and the procedure of it's use are specified in the registration e-mail that was sent to you upon license purchase.


Sincerely yours
Eugene Mayevski
#19518
Posted: 03/19/2012 09:50:26
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi Eugene,

I am still having problems with this issue. I've only just been granted access to a test RedHat server with the offending tectia patch installed. I now have an environment I can test in.

In reference to your last point, on the license ticket. The company (CitiGroup) does have a license for the application, but I'm not sure what you mean but the license ticket, and also how to assign this to my account?

I have a licence key for version 7. Which is a 513 character value. Is this what you mean?

Thanks
#19519
Posted: 03/19/2012 09:54:40
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Have you tried to follow the steps described in the article I've posted above?
#19520
Posted: 03/19/2012 10:16:35
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi,

Yes. I've tried the following with out success.

1) set AutoAdjustTransferBlock property to false
2) set PipelineLength property to 1

And - everything in 'http://www.eldos.com/sbb/articles/4796.php', except the following - as I not too sure how to do this.

Number 5. I switched the option on (AutoAdjustCiphers) - still no luck.
But I am not sure how "turn off all algorithms except":

-------------------
Quote:

If no, turn off all algorithms except the listed ones:
1) known encryption algorithms: SSH_EA_3DES, SSH_EA_DES. Adjustable using EncryptionAlgorithms property of the client component.

2) known key exchange algorithms: SSH_KEX_DH_GROUP, SSH_KEX_DH_GROUP_EXCHANGE. Adjustable using KEXAlgorithms property of the client component.

3) known MAC algorithms: SSH_MA_HMAC_SHA1, SSH_MA_HMAC_MD5. Adjustable using MACAlgorithms property of the client component.

4) known public key algorithms: SSH_PK_DSS, SSH_PK_RSA. Adjustable using PublicKeyAlgorithms property of the client component. Often specifying both DSS and RSA leads to the server crash. In this case you need to keep just one algorithm active.
-------------------



In addition to this - is there a way we can run SecureBlack box in debug mode? To show additional info on the point of failure?
#19521
Posted: 03/19/2012 10:29:35
by Eugene Mayevski (EldoS Corp.)

Let's continue in HelpDesk. I'll copy your message there now.


Sincerely yours
Eugene Mayevski
#19523
Posted: 03/19/2012 10:38:01
by Ashley Ings (Standard support level)
Joined: 02/03/2012
Posts: 5

Hi Eugene,

Not sure what 'HelpDesk' is? Also - I've been send an email to a completely different issue thread:

---------------------

Topic title:
Failed to parse ftp.microsoft.com

Message author: Martin Plante
Message date: 03/19/2012 10:32:03
Message text:

Message address:
https://www.eldos.com/forum/read.php?FID=7&TID=3555
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.

Reply

Statistics

Topic viewed 14182 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!