Archived Forum Post
Index of archived forum posts
Question:
Archived Forum PostQuestion:
Hi.
The problem occurs while connecting to ebibkom.deutschepost.de Same issue with current version 9.5.0.58 Server works with FileZilla and cURL.
ChilkatLog: Connect_SFtp: DllDate: Apr 21 2014 ChilkatVersion: 9.5.0.33 Architecture: Little Endian; 32-bit Language: Visual C++ 10.0 (32-bit) VerboseLogging: 0 SftpVersion: 0 hostname: ebibkom.deutschepost.de port: 22 Established TCP/IP connection with SSH server clientIdentifier: SSH-2.0-PuTTY_Local:_May_11_2009_17:22:38 Sending client identifier... Done sending client identifier. Reading server version... initialDataFromSshServer: SSH-2.0-6.4.6.215 SSH Tectia Server serverVersion: SSH-2.0-6.4.6.215 SSH Tectia Server KeyExchangeAlgs: algorithm: diffie-hellman-group1-sha1 algorithm: diffie-hellman-group14-sha1 algorithm: diffie-hellman-group14-sha256@ssh.com algorithm: diffie-hellman-group-exchange-sha1 algorithm: diffie-hellman-group-exchange-sha256 --KeyExchangeAlgs HostKeyAlgs: algorithm: ssh-rsa algorithm: ssh-rsa-sha256@ssh.com --HostKeyAlgs EncCS: algorithm: aes128-ctr algorithm: aes192-ctr algorithm: aes256-ctr algorithm: aes128-cbc algorithm: aes192-cbc algorithm: aes256-cbc algorithm: 3des-cbc algorithm: crypticore128@ssh.com --EncCS EncSC: algorithm: aes128-ctr algorithm: aes192-ctr algorithm: aes256-ctr algorithm: aes128-cbc algorithm: aes192-cbc algorithm: aes256-cbc algorithm: 3des-cbc algorithm: crypticore128@ssh.com --EncSC MacCS: algorithm: hmac-sha1-96 algorithm: hmac-sha256-2@ssh.com algorithm: hmac-sha224@ssh.com algorithm: hmac-sha256@ssh.com algorithm: hmac-sha384@ssh.com algorithm: hmac-sha512@ssh.com algorithm: crypticore-mac@ssh.com --MacCS MacSC: algorithm: hmac-sha1-96 algorithm: hmac-sha256-2@ssh.com algorithm: hmac-sha224@ssh.com algorithm: hmac-sha256@ssh.com algorithm: hmac-sha384@ssh.com algorithm: hmac-sha512@ssh.com algorithm: crypticore-mac@ssh.com --MacSC CompCS: algorithm: none algorithm: zlib --CompCS CompSC: algorithm: none algorithm: zlib --CompSC Encryption: 256-bit AES CTR Encryption: 256-bit AES CTR Unable to agree upon server-to-client MAC algorithm. Unable to agree upon client-to-server MAC algorithm. Compression: zlib Compression: zlib Key Exchange: DH Group Exchange SHA256 Host Key Algorithm: RSA numBits: 256 pbits: 4096 Using GEX Group. Sending KEX_DH_GEX_REQUEST... pbits: 4096 Unexpected message received. Expected KEX_DH_GEX_GROUP/KEXDH_REPLY. msgType: DISCONNECT Failed. --Connect_SFtp --ChilkatLog
This new build should do it now. (Sorry for the long delay..)
32-bit Download: http://www.chilkatsoft.com/download/preRelease/chilkat-9.5.0-x86-vc10.zip
64-bit Download: http://www.chilkatsoft.com/download/preRelease/chilkat-9.5.0-x86_64-vc10.zip
Please let me know if there are any problems.
It's likely not the same error. Post the LastErrorText for v9.5.0.58. I suspect it is different.
Looks the same...
ChilkatLog:
Connect_SFtp(109ms):
DllDate: Jun 13 2016
ChilkatVersion: 9.5.0.58
Architecture: Little Endian; 32-bit
Language: Visual C++ 10.0 (32-bit)
VerboseLogging: 1
SftpVersion: 0
connectInner(109ms):
hostname: ebibkom.deutschepost.de
port: 22
sshConnect(62ms):
SOCKS4:
socksHostname: prox
socksPort: 1080
socksUsername:
--SOCKS4
dnsLookup(31ms):
domain: ebibkom.deutschepost.de
domainLookup_ipv4(31ms):
domainLookupIpv4_win32(31ms):
resolveHostname1(31ms):
dnsCacheLookup: ebibkom.deutschepost.de
Resolving domain name (IPV4)
resolvedToIp: 149.239.221.118
--resolveHostname1
--domainLookupIpv4_win32
--domainLookup_ipv4
--dnsLookup
connectSocket(15ms):
domainOrIpAddress: prox
port: 1080
connectTimeoutMs: 30000
connect_ipv6_or_ipv4(15ms):
Multi-threaded domain to IP address resolution
connecting to IPV4 address...
ipAddress: 192.168.101.42
createSocket:
Setting SO_SNDBUF size
sendBufSize: 262144
Setting SO_RCVBUF size
recvBufSize: 4194304
--createSocket
connect(15ms):
Waiting for the connect to complete...
myIP: 192.168.123.139
myPort: 21569
socket connect successful.
--connect
--connect_ipv6_or_ipv4
--connectSocket
Established TCP/IP connection with SSH server
Turning on TCP_NODELAY.
--sshConnect
sshSetupConnection(47ms):
clientIdentifier: SSH-2.0-PuTTY_Release_0.66
Sending client identifier...
Done sending client identifier.
Reading server version...
initialDataFromSshServer: SSH-2.0-6.4.6.215 SSH Tectia Server
serverVersion: SSH-2.0-6.4.6.215 SSH Tectia Server
build_kexInit:
preferRsaHostKeyAlgorithm: 1
--build_kexInit
KeyExchangeAlgs:
algorithm: diffie-hellman-group1-sha1
algorithm: diffie-hellman-group14-sha1
algorithm: diffie-hellman-group14-sha256@ssh.com
algorithm: diffie-hellman-group-exchange-sha1
algorithm: diffie-hellman-group-exchange-sha256
--KeyExchangeAlgs
HostKeyAlgs:
algorithm: ssh-rsa
algorithm: ssh-rsa-sha256@ssh.com
--HostKeyAlgs
EncCS:
algorithm: aes128-ctr
algorithm: aes192-ctr
algorithm: aes256-ctr
algorithm: aes128-cbc
algorithm: aes192-cbc
algorithm: aes256-cbc
algorithm: 3des-cbc
algorithm: crypticore128@ssh.com
--EncCS
EncSC:
algorithm: aes128-ctr
algorithm: aes192-ctr
algorithm: aes256-ctr
algorithm: aes128-cbc
algorithm: aes192-cbc
algorithm: aes256-cbc
algorithm: 3des-cbc
algorithm: crypticore128@ssh.com
--EncSC
MacCS:
algorithm: hmac-sha1-96
algorithm: hmac-sha256-2@ssh.com
algorithm: hmac-sha224@ssh.com
algorithm: hmac-sha256@ssh.com
algorithm: hmac-sha384@ssh.com
algorithm: hmac-sha512@ssh.com
algorithm: crypticore-mac@ssh.com
--MacCS
MacSC:
algorithm: hmac-sha1-96
algorithm: hmac-sha256-2@ssh.com
algorithm: hmac-sha224@ssh.com
algorithm: hmac-sha256@ssh.com
algorithm: hmac-sha384@ssh.com
algorithm: hmac-sha512@ssh.com
algorithm: crypticore-mac@ssh.com
--MacSC
CompCS(16ms):
algorithm: none
algorithm: zlib
--CompCS
CompSC:
algorithm: none
algorithm: zlib
--CompSC
ChosenIncomingEncryption: aes256-ctr
ChosenOutgoingEncryptoin: aes256-ctr
Unable to agree upon server-to-client MAC algorithm.
Unable to agree upon client-to-server MAC algorithm.
ChosenIncomingCompression: zlib
ChosenOutgoingCompression: zlib
ChosenKexAlgorithm: diffie-hellman-group-exchange-sha256
choose_hostkey_algorithm:
preferRsaHostKeyAlgorithm: 1
--choose_hostkey_algorithm
ChosenHostKeyAlgorithm: ssh-rsa
numBits: 256
pbits: 4096
Using GEX Group.
Sending KEX_DH_GEX_REQUEST...
pbits: 4096
Unexpected message received. Expected KEX_DH_GEX_GROUP/KEXDH_REPLY.
msgType: DISCONNECT
--sshSetupConnection
--connectInner
Failed.
--Connect_SFtp
--ChilkatLog
The problem is this:
Unable to agree upon server-to-client MAC algorithm. Unable to agree upon client-to-server MAC algorithm.
The solution is to make the server accept more typical and commonly used (but also very secure) MAC algorithms, or to wait for Chilkat to implement a few of these other MAC algorithms..
I added support for hmac-sha1-96, so it should work now. Here's a new build:
32-bit Download: http://www.chilkatsoft.com/download/preRelease/chilkat-9.5.0-x86-vc10.zip
64-bit Download: http://www.chilkatsoft.com/download/preRelease/chilkat-9.5.0-x86_64-vc10.zip
-Matt
Wow, thanks a lot, that was quick.
The connection works. But there is a problem afterwards. Mayby a probem with hmac-sha1-96?
Connect_SFtp:
DllDate: Aug 8 2016
ChilkatVersion: 9.5.0.59
Architecture: Little Endian; 32-bit
Language: Visual C++ 10.0 (32-bit)
VerboseLogging: 1
SftpVersion: 0
connectInner:
hostname: ebibkom.deutschepost.de
port: 22
sshConnect:
connectSocket:
domainOrIpAddress: ebibkom.deutschepost.de
port: 22
connectTimeoutMs: 30000
connect_ipv6_or_ipv4:
Multi-threaded domain to IP address resolution
resolveHostname6:
getAddressInfo:
(leaveContext 15ms)
(leaveContext 15ms)
findIpAddrInfo:
(leaveContext)
connecting to IPV4 address...
ipAddress: 149.239.221.118
createSocket:
Setting SO_SNDBUF size
sendBufSize: 262144
Setting SO_RCVBUF size
recvBufSize: 4194304
(leaveContext)
connect:
Waiting for the connect to complete...
ck_getsockname_ipv4:
(leaveContext)
myIP: 192.168.18.31
myPort: 6381
socket connect successful.
(leaveContext 32ms)
(leaveContext 47ms)
(leaveContext 47ms)
Established TCP/IP connection with SSH server
Turning on TCP_NODELAY.
(leaveContext 47ms)
sshSetupConnection:
clientIdentifier: SSH-2.0-PuTTY_Release_0.66
Sending client identifier...
Done sending client identifier.
Reading server version...
initialDataFromSshServer: SSH-2.0-6.4.6.215 SSH Tectia Server
serverVersion: SSH-2.0-6.4.6.215 SSH Tectia Server
build_kexInit:
preferRsaHostKeyAlgorithm: 1
(leaveContext)
sendMessageInOnePacket:
(leaveContext)
KeyExchangeAlgs:
algorithm: diffie-hellman-group1-sha1
algorithm: diffie-hellman-group14-sha1
algorithm: diffie-hellman-group14-sha256@ssh.com
algorithm: diffie-hellman-group-exchange-sha1
algorithm: diffie-hellman-group-exchange-sha256
(leaveContext 16ms)
HostKeyAlgs:
algorithm: ssh-rsa
algorithm: ssh-rsa-sha256@ssh.com
(leaveContext)
EncCS:
algorithm: aes128-ctr
algorithm: aes192-ctr
algorithm: aes256-ctr
algorithm: aes128-cbc
algorithm: aes192-cbc
algorithm: aes256-cbc
algorithm: 3des-cbc
algorithm: crypticore128@ssh.com
(leaveContext)
EncSC:
algorithm: aes128-ctr
algorithm: aes192-ctr
algorithm: aes256-ctr
algorithm: aes128-cbc
algorithm: aes192-cbc
algorithm: aes256-cbc
algorithm: 3des-cbc
algorithm: crypticore128@ssh.com
(leaveContext)
MacCS:
algorithm: hmac-sha1-96
algorithm: hmac-sha256-2@ssh.com
algorithm: hmac-sha224@ssh.com
algorithm: hmac-sha256@ssh.com
algorithm: hmac-sha384@ssh.com
algorithm: hmac-sha512@ssh.com
algorithm: crypticore-mac@ssh.com
(leaveContext 15ms)
MacSC:
algorithm: hmac-sha1-96
algorithm: hmac-sha256-2@ssh.com
algorithm: hmac-sha224@ssh.com
algorithm: hmac-sha256@ssh.com
algorithm: hmac-sha384@ssh.com
algorithm: hmac-sha512@ssh.com
algorithm: crypticore-mac@ssh.com
(leaveContext)
CompCS:
algorithm: none
algorithm: zlib
(leaveContext)
CompSC:
algorithm: none
algorithm: zlib
(leaveContext)
LangCS:
(leaveContext)
LangSC:
(leaveContext)
ChosenIncomingEncryption: aes256-ctr
ChosenOutgoingEncryptoin: aes256-ctr
ChosenIncomingMac: hmac-sha1-96
ChosenOutgoingMac: hmac-sha1-96
ChosenIncomingCompression: zlib
ChosenOutgoingCompression: zlib
ChosenKexAlgorithm: diffie-hellman-group-exchange-sha256
choose_hostkey_algorithm:
preferRsaHostKeyAlgorithm: 1
(leaveContext)
ChosenHostKeyAlgorithm: ssh-rsa
numBits: 256
pbits: 4096
Using GEX Group.
Sending KEX_DH_GEX_REQUEST...
pbits: 4096
sendMessageInOnePacket:
(leaveContext)
Received GEX Group.
sendDhInit:
create_E:
(leaveContext 327ms)
sendMessageInOnePacket:
(leaveContext)
Sent: SSH2_MSG_KEX_DH_GEX_INIT
(leaveContext 327ms)
computeExchangeHash:
dhReplyMsgType: 33
serverVersion: [SSH-2.0-6.4.6.215 SSH Tectia Server]
Using SHA256 for Key Exchange Hash
(leaveContext 15ms)
RSA host key parsed successfully.
HostKeyNumBits: 1536
verifyHashSsh:
Pkcs1_5_decode:
(leaveContext)
(leaveContext)
RSA signature verification success.
rsa_key: 0000 0007 7373 682D 7273 6100 0000 0301
0001 0000 00C1 00C6 5561 71B7 43F0 6C96
4F52 14FA 2140 D807 2644 8EE8 C395 1F23
88F3 3347 16FD 0EF5 E930 C1F5 D44B F195
D361 3BE6 5314 2263 F3C9 5867 86AE 2E13
65AE 9E9B B70F 89D7 342F F73E E6AD 5F9C
B211 DFC4 1044 D635 00A5 736D FD7D D04A
AE50 B6DC B875 F07E 8EFC 7E7D 8448 17E0
30BE 2119 21AC 0760 92D0 36BB 4EED 2911
D888 986C CE0E 4B36 4A46 379F 99B0 C45D
EF68 33D2 DFC8 1DE7 06D0 0765 CA2A 3B1E
0B4D 1AD3 2401 4B56 DB93 7D82 F5E7 5D27
1920 9802 7B3C C487 9B96 E8A4 822D 7A4A
87BF 70A8 DF65 D7
sigH: 0000 0007 7373 682D 7273 6100 0000 C0A6
1371 49D8 8DF6 9BB4 90A2 3F27 2CA1 EB96
5A6B 7830 0D6F 5E3B 4C4E 6670 72A7 5F70
E047 2A90 2700 E5BE 0215 A90B 231B 6AB4
8498 91F0 477F C03B A329 474A E72B 80AE
9363 11EE 9654 EB44 E463 E42F BF1F F952
A8E3 6BAD 3412 E80D 3C75 8AAA A5DC C14C
1C9F AD79 ECD5 13C9 A49C 2781 FC42 E1A0
9D63 2B17 A7DF C61A BFC2 4647 573D B79A
B2A2 17E5 38E7 9312 58E3 AFBD FD45 24D4
97A8 1FEC 07DD BDA9 8608 DB6C F16C DB0B
744D B875 AE32 49EC 1BFE 4043 E268 8277
CC1E 62F3 B86D E933 7779 EA98 3C1F DD
exchangeHash: 0C7F 5B32 2C3F DDEF 61C4 D438 C4E8 CC9C
EA0B E5F7 5323 AEAD 0F98 43A1 9A35 1982
Sending newkeys to server...
sendMessageInOnePacket:
(leaveContext)
Expecting newkeys from server...
SSH Key Exchange Success.
installNewKeys:
m_isRekey: 0
Outgoing compression is now zlib.
Incoming compression is now zlib.
Outgoing encryption is now AES 256 CTR
outgoingMac: SHA1-96
initCrypt_aes:
(leaveContext)
initCrypt_aes:
(leaveContext)
(leaveContext)
(leaveContext 826ms)
socketOptions:
SO_SNDBUF: 262144
SO_RCVBUF: 4194304
TCP_NODELAY: 1
SO_KEEPALIVE: 0
(leaveContext)
Sending IGNORE message.
sendMessageInOnePacket:
(leaveContext)
(leaveContext 873ms)
Success.
(leaveContext 889ms)
AuthenticatePw:
DllDate: Aug 8 2016
ChilkatVersion: 9.5.0.59
UnlockPrefix: FORMATSSH
Architecture: Little Endian; 32-bit
Language: Visual C++ 10.0 (32-bit)
VerboseLogging: 1
login: [usr00006]
login: usr00006
sshAuthenticatePw:
requestUserAuthService:
sendServiceRequest:
svcName: ssh-userauth
sendMessageInOnePacket:
(leaveContext)
SentServiceReq: ssh-userauth
(leaveContext)
mType: IGNORE
sockRecv failed.
sockRecvN_buf: Did not receive the exact number of bytes desired.
numBytesToReceive: 16
numBytesReceived: 0
Failed to read 1st block_size bytes..
Error reading service accept.
(leaveContext 30358ms)
(leaveContext 30358ms)
Failed.
(leaveContext 30358ms)
Disconnect:
DllDate: Aug 8 2016
ChilkatVersion: 9.5.0.59
UnlockPrefix: FORMATSSH
Architecture: Little Endian; 32-bit
Language: Visual C++ 10.0 (32-bit)
VerboseLogging: 1
SshVersion: SSH-2.0-6.4.6.215 SSH Tectia Server
SftpVersion: 0
terminateConnection:
TCP connection cleanly closed by peer.
Cleanly terminated TCP connection.
(leaveContext 31ms)
(leaveContext 62ms)
Thanks! I'll investigate (most likely tomorrow because my schedule is full today..)
-Matt