Re: Where to look next?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 21 Sep 2016, Delisle, John wrote:

> Hello, 
>
> I'm looking for your insight about the log below. We have an SFTP
> server (IBM Sterling File Gateway) and we're connecting from an
> OpenSSH SFTP client but something fails during KEX.
>
> Complete client-side debug output is below, but I believe the relevant
> part is:
>
> debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none
> debug1: kex: client->server cipher: aes192-cbc MAC: hmac-sha1 compression: none
> debug3: send packet: type 30
> debug1: sending SSH2_MSG_KEX_ECDH_INIT
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug3: receive packet: type 1
> Received disconnect from 1.2.3.4 port 32:2: Failed to read binary packet data!
>
> Any suggestions about what's failing, and what the cause might be?
> We're trying to figure out where to go in our troubleshooting, and do
> not understand the meaning of this debug output.

It's failing during key exchange (KEX). You could try explicitly selecting
a different key exchange method e.g.

sftp -oKEXAlgorithms=diffie-hellman-group14-sha1 ...

If that works then it's highly likely that the IBM server has implemented
the ecdh-sha2-nistp256 method incorrectly.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux