Issue
I've been using Renci SSH.NET to connect to our SFTP server for over a year, within an SSIS package, with no problems. Then last week I began to get failures with the message, "An established connection was aborted by the server". I was told that SHA1 had been disabled and only SHA2 would be supported. I've gone through just about everything I could find online and nothing has worked. Will SSH.NET not support SHA2? I've tested WinSCP as an alternative and it works, but I'd rather not switch unless necessary.
For testing purposes I added some code to a desktop app.
After the connection is aborted these are the client ConnectionInfo properties.
A person on the server team sent me this when I attempted to use SSH.NET.
SSH2_MSG_KEXINIT
SSH2_MSG_KEXINIT
SSH2_MSG_KEXDH_INIT
SSH Protocol Error: invalid key exchange value.
Closed session
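using System.Collections.Generic;
using Renci.SshNet;
using Renci.SshNet.Common;

// Password authentication for the SFTP account.
List<AuthenticationMethod> authMethods = new List<AuthenticationMethod>();
authMethods.Add(new PasswordAuthenticationMethod(uName, pWord));
ConnectionInfo cInfo = new ConnectionInfo(host, uName, authMethods.ToArray());

// Register hmac-sha2-256 as a MAC algorithm on the client side.
cInfo.HmacAlgorithms["hmac-sha2-256"] =
    new HashInfo(256, key => new SshNet.Security.Cryptography.HMACSHA256(key));

SftpClient client = new SftpClient(cInfo);
client.HostKeyReceived += (object obj, HostKeyEventArgs hke) =>
{
    // Trusts whatever host key the server presents; no fingerprint check is done.
    hke.CanTrust = true;
};
client.Connect();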
Solution
Indeed, SSH.NET did not support rsa-sha2-256 and rsa-sha2-512 until version 2023.0.0: https://github.com/sshnet/SSH.NET/issues/825
Answered By - Martin Prikryl Answer Checked By - Mary Flores (WPSolving Volunteer)
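Why a client that lacks rsa-sha2-256 and rsa-sha2-512 cannot complete key exchange once the server stops offering ssh-rsa, shown as an added example that is not part of the original question or answer. It parses the name-lists of an SSH_MSG_KEXINIT payload and applies the basic RFC 4253 selection rule (first name on the client's list that the server also offers); the algorithm lists are constructed samples, not the actual lists of SSH.NET or of the asker's server.

```python
import struct

# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253, section 7.1).
FIELDS = ["kex_algorithms", "server_host_key_algorithms",
          "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
          "compression_c2s", "compression_s2c", "languages_c2s", "languages_s2c"]
SSH_MSG_KEXINIT = 20

def build_kexinit(lists):
    """Serialize a KEXINIT payload (used here only to construct sample input)."""
    out = bytes([SSH_MSG_KEXINIT]) + bytes(16)            # message type + cookie
    for field in FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(names)) + names
    return out + b"\x00" + struct.pack(">I", 0)           # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Return {field: [names]} from a raw KEXINIT payload."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, result = 17, {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        result[field] = raw.split(",") if raw else []
        pos += n
    return result

def negotiate(client, server):
    """Per field: first client name the server also lists, else None (kex, host key, cipher, MAC)."""
    return {f: next((a for a in client[f] if a in server[f]), None) for f in FIELDS[:6]}

def failed_fields(client_payload, server_payload):
    """Fields with no algorithm in common; any entry here means the session is dropped."""
    chosen = negotiate(parse_kexinit(client_payload), parse_kexinit(server_payload))
    return [f for f, alg in chosen.items() if alg is None]

# Constructed sample: a client that only knows ssh-rsa (SHA-1 signatures) and an
# updated client, against a server that offers only the SHA-2 RSA host key algorithms.
COMMON = {"kex_algorithms": ["diffie-hellman-group14-sha256"],
          "encryption_c2s": ["aes256-ctr"], "encryption_s2c": ["aes256-ctr"],
          "mac_c2s": ["hmac-sha2-256"], "mac_s2c": ["hmac-sha2-256"]}
SHA2_RSA = ["rsa-sha2-512", "rsa-sha2-256"]
OLD_CLIENT = build_kexinit({**COMMON, "server_host_key_algorithms": ["ssh-rsa"]})
NEW_CLIENT = build_kexinit({**COMMON, "server_host_key_algorithms": SHA2_RSA + ["ssh-rsa"]})
SERVER = build_kexinit({**COMMON, "server_host_key_algorithms": SHA2_RSA})
```

Adding hmac-sha2-256 on the client, as in the question's code, changes only the MAC lists; the host key list is a separate field and has to overlap on its own.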