Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Discussion of bugs and problems found in Altap Salamander. In your reports, please be as descriptive as possible, and report one incident per report. Do not post crash reports here, send us the generated bug report by email instead, please.
vygi
Posts: 12
Joined: 05 Jan 2006, 10:03

Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by vygi »

Tonight, some of our LINUX servers have been updated and got new openssh version 7.4p1.

Now I cannot log in with the WinSCP plugin of Salamander.

It reports an error "expected key exchange group packet from server".

In the server logs, there are entries "error: kex protocol error: type 30 seq 1 [preauth]" and "Connection closed by xxx.xxx.xxx.xxx port 65476 [preauth]"

After a short investigation, I've found following PuTTY error report: https://community.centrify.com/t5/Centr ... td-p/26865 -- perhaps the same or similar issue?

Anyway, the Samalander+WinSCP work fine with the servers which aren't uppdated yet (openssh 6.6.1p1) but not with the updated ones (7.4p1)

Does it mean then that the WinSCP plugin is too old and should be updated, otherwise I will be not able to log in?

Is there a possibility to get it working without downgrading the openssh on the servers?

HELP!..... .... S.O.S. !!...

P.S. PuTTY connects to all servers without any issues.
vygi
Posts: 12
Joined: 05 Jan 2006, 10:03

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by vygi »

No comments?..

The issue occurs after CentOS upgrade to ver. 7.4, so I will be not the only one who is affected.
User avatar
SvA
Posts: 483
Joined: 29 Mar 2006, 02:41
Location: DE

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by SvA »

I do not use winscp. However, in similar circumstances (with IMAPSize) I had some success by just replacing the OpenSSL libraries with more recent ones.
vygi
Posts: 12
Joined: 05 Jan 2006, 10:03

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by vygi »

... in similar circumstances (with IMAPSize) I had some success by just replacing the OpenSSL libraries with more recent ones
Thank you but it did not work.
I have the most recent version of those files, but the server still refuses the connection.

And, the answer in the WinSCP forum was:
Yes, the plugin needs to update.
But unfortunately, WinSCP was meanwhile updated to Unicode, what makes it incompatible with Altap Salamander API. I'm waiting for them to release Unicode version of Salamander.
:(
camper
Posts: 30
Joined: 16 Sep 2009, 20:16

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by camper »

Please check this posting:

viewtopic.php?f=3&t=32384&p=61515#p61515
vygi
Posts: 12
Joined: 05 Jan 2006, 10:03

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by vygi »

camper wrote: 18 Sep 2017, 20:52 Please check this posting:

viewtopic.php?f=3&t=32384&p=61515#p61515
Thanks,
but why do you recommend me this posting? The last one in that thread is mine.
camper
Posts: 30
Joined: 16 Sep 2009, 20:16

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by camper »

Oops, didn't notice it is from you.
Aramir
Posts: 2
Joined: 22 Dec 2005, 20:41

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by Aramir »

Same issue here. Actually just upgraded/purchased the license for 3.08 (was on an older version), hoping that would fix the WinSCP thing. I guess, I should've read the forum first.

WinSCP built-in was one of the most useful features for me. I hope this gets fixed, but it does seem that this great manager is somewhat dead now...
superpyrin
Posts: 5
Joined: 09 May 2012, 17:51

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by superpyrin »

re-create the wincsp session again, try re-ordering algorithm selection policy in WinSCP-SSH-Key exchange settings. This worked for me.
vygi
Posts: 12
Joined: 05 Jan 2006, 10:03

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by vygi »

superpyrin wrote: 12 Nov 2017, 10:45 re-create the wincsp session again, try re-ordering algorithm selection policy in WinSCP-SSH-Key exchange settings. This worked for me.
wOW! It works!

What I did is to change SSH / Key Exchange settings: move "RSA-based kay exchange" and "Diffie-Hellmann group 14" to the top, and remaining policies to the bottom.
camper
Posts: 30
Joined: 16 Sep 2009, 20:16

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by camper »

I use WinSCP since a couple of months, but it's only a compromise - pasting file paths does not work, setting the local path does not work (it always remembers the paths, either permanently or from the last use), the selection using keyboard does not work reliable. Please fix it SOON. I would repurchase a full license of Altap Salamander to get the 64-bit WinSCP as Altap Plugin, UTF-8 support for file contents and file names, and HiDPI support.
mstrap
Posts: 3
Joined: 17 Dec 2014, 11:07

Re: Cannot login via SFTP/SCP anymore (OpenSSH 7.4p1)

Post by mstrap »

Now as SSH kex have been tightened on our server, I'm running into connection problems, too. Problem is that the WinSCP plugin does not seem to support diffie-hellman-group-exchange-sha256 kex. It would be great to have this one supported -- seems like diffie-hellman-group-exchange-sha1 is slowly dying out in general. I'm working a lot with SFTP and without the plugin AS is only half as great (still great, though :)
Post Reply