On Wed, 21 Sep 2016, Delisle, John wrote: > Hello, > > I'm looking for your insight about the log below. We have an SFTP > server (IBM Sterling File Gateway) and we're connecting from an > OpenSSH SFTP client but something fails during KEX. > > Complete client-side debug output is below, but I believe the relevant > part is: > > debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none > debug1: kex: client->server cipher: aes192-cbc MAC: hmac-sha1 compression: none > debug3: send packet: type 30 > debug1: sending SSH2_MSG_KEX_ECDH_INIT > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > debug3: receive packet: type 1 > Received disconnect from 1.2.3.4 port 32:2: Failed to read binary packet data! > > Any suggestions about what's failing, and what the cause might be? > We're trying to figure out where to go in our troubleshooting, and do > not understand the meaning of this debug output. It's failing during key exchange (KEX). You could try explicitly selecting a different key exchange method e.g. sftp -oKEXAlgorithms=diffie-hellman-group14-sha1 ... If that works then it's highly likely that the IBM server has implemented the ecdh-sha2-nistp256 method incorrectly. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
