Closed adamdecaf closed 3 years ago
I created a branch off of v0.8.0-rc4
in hopes a simple update of pkg/sftp
and x/crypto
does the trick. I'm thinking otherwise we would need to update the low level ssh config initialized.
fyi, this key exchange algorithm has been supported for a while. I haven't verified the defaults in pkg/sftp yet.
https://github.com/golang/crypto/blame/afb6bcd081ae5258e9449bf8b9af19593c9b261f/ssh/kex.go#L34
pkg/sftp v0.12.0 changelog - https://github.com/pkg/sftp/releases/tag/v1.12.0
Fixed in v0.9.2!
PayGate Version:
v0.8.0-rc4
What were you trying to do? The following error occurred with Drahomir's paygate instance in production, which is breaking their ability to upload files. Sounds like their ODFI upgraded their server and only offers a newer DHE key exchange.
What did you expect to see? File uploads should be secure and work properly.