This project has moved. For the latest updates, please go here.

Algorithm negotiation fail

Aug 12, 2010 at 1:25 PM

When using password authentication we get the above error when trying to upload a file. The server logs indicate that the authentication phase was successful.
The server uses FreeSSHD 1.2.6.

I have tested this with a local instance of FreeSSHD and it worked. SFTPAdapter is version 1.3.6.

Here is the trace:

Type: Tamir.SharpSsh.jsch.JSchException
Target: Void connect(Int32)
Message: Algorithm negotiation fail
Stacktrace:
at Tamir.SharpSsh.jsch.Session.connect(Int32 connectTimeout)
at Tamir.SharpSsh.SshBase.ConnectSession(Int32 tcpPort)
at Tamir.SharpSsh.SshBase.Connect(Int32 tcpPort)
at Blogical.Shared.Adapters.Sftp.SharpSsh.Sftp.connect(Boolean force)

Any ideas?

/Antti

 

 

Coordinator
Aug 12, 2010 at 6:09 PM

Haven't seen this before, The exception indicates an incompatibility between the server and client (BizTalk) algorithm. The weirdest part is the fact that it works on one server and fails on another.  Would you mind trying to connect with another client like tunnelier? Could there be a configuration difference between the  servers?

//Mikael

Aug 13, 2010 at 6:37 AM

Tunnelier works, also FileZilla. Actually the succesful logon entry in the log is almost certainly from FileZilla.

08-06-2010 09:22:37 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:22:37 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:27:35 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:27:35 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:32:33 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:32:33 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:37:31 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:37:31 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:45:10 IP 193.110.36.16 SSH connection attempt.
08-06-2010 09:45:11 IP 193.110.36.16 SSH * edited * successfully logged on using password.
08-06-2010 09:45:11 SFTP service granted to user * edited *.
08-06-2010 09:45:11 IP 193.110.36.16 * edited * is listing /New files (D:\Data Import\New files\New files)
08-06-2010 09:45:13 IP 193.110.36.16 * edited * is listing /Backup (D:\Data Import\New files\Backup)
08-06-2010 09:45:15 IP 193.110.36.16 * edited * is listing / (D:\Data Import\New files\)
08-06-2010 09:45:15 IP 193.110.36.16 * edited * is listing / (D:\Data Import\New files\)

Unfortunately FreeSSHD has no detailed trace mechanism and there is no documentation either.

 

Coordinator
Aug 13, 2010 at 11:49 AM

I'm still puzzeled by the fact that it works on one server and fails on the other. Could you make sure the following Key exchange algorithms are supported on the server that is not working:

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group1-sha1

...and the following Ciphers:

  • 3des-cbc
  • aes128-cbc

...and the following MAC protection:

  • hmac-md5

 

Coordinator
Aug 17, 2010 at 5:19 PM

Antti, have you had time to look at this?

Aug 18, 2010 at 6:25 AM

Not yet. In FreeSSHD you can specify what algorithms are supported but I do not know yet what our partner uses and if that setting has any effect.

/Antti

Coordinator
Aug 18, 2010 at 9:23 AM

Ok, just let me know.

//Mikael

Aug 18, 2010 at 10:26 AM
Just heard that our partner had other problems with FreeSSHD and they have moved to CopSSHD. We have not the issue anymore.
/Antti
Coordinator
Aug 18, 2010 at 7:46 PM

Great news. Let me know if there is anything else.

//Mikael