EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Problem connecting with SFTP

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#1912
Posted: 12/18/2006 19:08:01
by Ken Ivanov (EldoS Corp.)

Thanks to the information provided by George Shirai in the Helpdesk system, the actual reason for the problem was found. The server fails to accept incoming connection if it does not 'know' some of the key exchange algorithms supported by the client. This 'feature' seems to be specific to this particular server (identified by 'SSH-2.0-Sun_SSH_1.0.1' hello line). The simple workaround is to disable all the key exchange algorithms unsupported by the server (dh-group-exchange-sha1, dh-group-14-sha1, dh-group-exchange-sha256 for the above server).
#1914
Posted: 12/19/2006 07:53:39
by George Shirai (Basic support level)
Joined: 12/18/2006
Posts: 7

Thank you, that seems to have solved the problem. I downloaded the updated project sent through the Helpdesk, ran it, and was able to connect to the SFTP server.
#2058
Posted: 01/25/2007 11:34:08
by john williams (Standard support level)
Joined: 08/17/2006
Posts: 8

I seem to be be getting similar connection protocol errors with newer pc clients... running the SftpDemo project it logs "TCP connection opened' then just hangs...
Quote
Innokentiy Ivanov wrote:
Thanks to the information provided by George Shirai in the Helpdesk system, the actual reason for the problem was found. The server fails to accept incoming connection if it does not 'know' some of the key exchange algorithms supported by the client. This 'feature' seems to be specific to this particular server (identified by 'SSH-2.0-Sun_SSH_1.0.1' hello line). The simple workaround is to disable all the key exchange algorithms unsupported by the server (dh-group-exchange-sha1, dh-group-14-sha1, dh-group-exchange-sha256 for the above server).


So I assume that the newer pc have more advanced algorithms than the server.... so how do you change the algorithms on the clients?
#2059
Posted: 01/25/2007 11:39:29
by Ken Ivanov (EldoS Corp.)

Please consider using KexAlgorithms property of the class you are using (TElSSHClient/TElSimpleSSHClient/TElSFTPClient/TElSimpleSFTPClient).
#2061
Posted: 01/25/2007 12:26:28
by john williams (Standard support level)
Joined: 08/17/2006
Posts: 8

What is the exact syntax and values to use for VB6?
(Can you give an example for use in your SftpDemo example) Thanks
#2063
Posted: 01/25/2007 12:44:20
by Ken Ivanov (EldoS Corp.)

Please use the following code:
Code
  For i = SSH_KEX_FIRST To SSH_KEX_LAST
    SSHClient.KexAlgorithms(i) = False
  Next
  SSHClient.KexAlgorithms(SSH_KEX_DH_GROUP) = True
#2073
Posted: 01/26/2007 06:22:23
by john williams (Standard support level)
Joined: 08/17/2006
Posts: 8

I have inserted the code into the "btnConnect_Click" subroutine in your demo project (VB6\SFTPBlackBox\Demo\SftpDemo.vbp) ... It continues to work sucessfully on clients it worked on before, but with newer client pc's it just hangs after logging "TCP connection opened".
So NO change. Any more ideas, please?
#2074
Posted: 01/26/2007 06:34:44
by Eugene Mayevski (EldoS Corp.)

In SecureBlackbox 5.0 DES encryption algorithm is disabled by default. So if DES is the only encryption algorithm supported by the server (this happens sometimes), then connection will fail. You need to enable DES and 3DES. Please check documentation for details.


Sincerely yours
Eugene Mayevski
#2077
Posted: 01/26/2007 08:52:23
by Ken Ivanov (EldoS Corp.)

Please also check that the correct DLLs are referenced and the right license key is used (SBB5 will not work with SBB4 license key and vice versa).
#2078
Posted: 01/26/2007 09:19:39
by john williams (Standard support level)
Joined: 08/17/2006
Posts: 8

Hi, I was using Version 4 so I have upgraded my machine to Version 5 and downloaded a new licence key... and now it no longer works on my machine! It now takes over 40 seconds to paint the form, then when I enter the loggon and password gives the message "TCP connection opened" and then just hangs, like it was exhibiting on the other machines. Documentation on DES and DES3 states its not implemented for VB6 , or have I missed something?
John
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 16407 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!