Archived Forum Post

Index of archived forum posts

Question:

SSH / SFTP wont work anymore after Server update

Aug 31 '17 at 08:50

Hi,

We are using Cilkat since many years, after SSH server update on a embedded machine, we are no more able to connect ( ActiveX with VBS ) this one. It did look like the Chilkat SSH client isnt able to find a agreement about the cypher to be used with the old chilkat version. I updated the Chilkat software - since then we still have failures - but they changed >> see log below. Looks like finding a agreement on encryption/MAC/compression took place ... but then at the end we find a timeout

sshDhGex: Socket operation timeout. Failed to read KEX_DH_GEX_REQUEST response

Any idea welcome - thx Michael

Connect_SFtp:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: xxxxxxxxxxx  /not public    
    Username: xxxxxxxxxx  /not public
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 1
    SftpVersion: 0
    connectInner:
        hostname: 172.21.88.21
        port: 22
        sshConnect:
            connectSocket:
                domainOrIpAddress: 172.21.88.21
                port: 22
                connectTimeoutMs: 10000
                connect_ipv6_or_ipv4:
                    This is an IPV4 numeric address.
                    Domain to IP address resolution not needed.
                    getAddressInfo:
                        (leaveContext)
                    connecting to IPV4 address...
                    ipAddress: 172.21.88.21
                    createSocket:
                        Setting SO_SNDBUF size
                        sendBufSize: 262144
                        Setting SO_RCVBUF size
                        recvBufSize: 4194304
                        (leaveContext)
                    connect:
                        Waiting for the connect to complete...
                        ck_getsockname_ipv4:
                            (leaveContext)
                        myIP: 172.21.45.1
                        myPort: 4644
                        socket connect successful.
                        (leaveContext 16ms)
                    (leaveContext 32ms)
                (leaveContext 32ms)
            Established TCP/IP connection with SSH server
            Turning on TCP_NODELAY.
            (leaveContext 32ms)
        sshSetupConnection:
            clientIdentifier: SSH-2.0-PuTTY_Release_0.66
            Sending client identifier...
            Done sending client identifier.
            Reading server version...
            initialDataFromSshServer: SSH-2.0-unknown

serverVersion: SSH-2.0-unknown
            build_kexInit:
                preferRsaHostKeyAlgorithm: 1
                (leaveContext)
            sendMessageInOnePacket:
                (leaveContext)
            KeyExchangeAlgs:
                algorithm: curve25519-sha256@libssh.org
                algorithm: ecdh-sha2-nistp256
                algorithm: ecdh-sha2-nistp384
                algorithm: ecdh-sha2-nistp521
                algorithm: diffie-hellman-group-exchange-sha256
                algorithm: diffie-hellman-group14-sha1
                (leaveContext)
            HostKeyAlgs:
                algorithm: ssh-rsa
                (leaveContext)
            EncCS:
                algorithm: chacha20-poly1305@openssh.com
                algorithm: aes128-ctr
                algorithm: aes192-ctr
                algorithm: aes256-ctr
                algorithm: aes128-gcm@openssh.com
                algorithm: aes256-gcm@openssh.com
                (leaveContext)
            EncSC:
                algorithm: chacha20-poly1305@openssh.com
                algorithm: aes128-ctr
                algorithm: aes192-ctr
                algorithm: aes256-ctr
                algorithm: aes128-gcm@openssh.com
                algorithm: aes256-gcm@openssh.com
                (leaveContext)
            MacCS:
                algorithm: umac-64-etm@openssh.com
                algorithm: umac-128-etm@openssh.com
                algorithm: hmac-sha2-256-etm@openssh.com
                algorithm: hmac-sha2-512-etm@openssh.com
                algorithm: hmac-sha1-etm@openssh.com
                algorithm: umac-64@openssh.com
                algorithm: umac-128@openssh.com
                algorithm: hmac-sha2-256
                algorithm: hmac-sha2-512
                algorithm: hmac-sha1
                (leaveContext 16ms)
            MacSC:
                algorithm: umac-64-etm@openssh.com
                algorithm: umac-128-etm@openssh.com
                algorithm: hmac-sha2-256-etm@openssh.com
                algorithm: hmac-sha2-512-etm@openssh.com
                algorithm: hmac-sha1-etm@openssh.com
                algorithm: umac-64@openssh.com
                algorithm: umac-128@openssh.com
                algorithm: hmac-sha2-256
                algorithm: hmac-sha2-512
                algorithm: hmac-sha1
                (leaveContext)
            CompCS:
                algorithm: none
                algorithm: zlib@openssh.com
                (leaveContext)
            CompSC:
                algorithm: none
                algorithm: zlib@openssh.com
                (leaveContext)
            LangCS:
                (leaveContext)
            LangSC:
                (leaveContext)
            ChosenIncomingEncryption: aes256-ctr
            ChosenOutgoingEncryptoin: aes256-ctr
            ChosenIncomingMac: hmac-sha2-256
            ChosenOutgoingMac: hmac-sha2-256
            ChosenIncomingCompression: zlib@openssh.com
            ChosenOutgoingCompression: zlib@openssh.com
            ChosenKexAlgorithm: diffie-hellman-group-exchange-sha256
            choose_hostkey_algorithm:
                preferRsaHostKeyAlgorithm: 1
                (leaveContext)
            ChosenHostKeyAlgorithm: ssh-rsa
            numBits: 256
            pbits: 4096
            Using GEX Group.
            Sending KEX_DH_GEX_REQUEST...
            pbits: 4096
            sendMessageInOnePacket:
                (leaveContext 16ms)
            Failed to read 1st block_size bytes..
            sshDhGex: Socket operation timeout.
            Failed to read KEX_DH_GEX_REQUEST response
            (leaveContext 31047ms)
        (leaveContext 31094ms)
    Failed.
    (leaveContext 31109ms)
IsConnected:
    DllDate: Mar 11 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: xxxxxxxxxxx  /not public 
    Username: xxxxxxxxxxx  /not public 
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 1
    SftpVersion: 0
    (leaveContext)
    

Answer

Thanks Michael,

Assuming this is an SSH server I can reach (at 172.21.88.21), I'll be happy to test it directly and work out the problems. (Given that it's just the Connect, this can be worked on without needing any account..)


Answer

I'm not able to reach 172.21.88.21, and therefore I'm not able to test it..


Answer

Hi Michael,

Did you ever find a solution to this issue, we're running into the exact same problem after a server upgrade.


Answer

Make sure to test with the very latest version of Chilkat (v9.5.0.69, or .68)

My original answer was from over a year ago. I suspect the problem has been resolved for quite some time.