sshnet / SSH.NET

SSH.NET is a Secure Shell (SSH) library for .NET, optimized for parallelism.
http://sshnet.github.io/SSH.NET/
MIT License

2024.1.0 version problem #1517

Open ibalmaci opened 3 weeks ago

ibalmaci commented 3 weeks ago

When I try to connect with SSH.NET 2024.1.0 to Globalscape EFT 8.2.1.30, I get the following error:

An established connection was aborted by the server. 
   at Renci.SshNet.Session.WaitOnHandle(WaitHandle waitHandle, TimeSpan timeout)
   at Renci.SshNet.Session.Connect()
   at Renci.SshNet.BaseClient.CreateAndConnectSession()
   at Renci.SshNet.BaseClient.Connect()

But with version 2024.0.0, there is no problem. I supposed there's a MAC algorithm problem.

Rob-Hague commented 3 weeks ago

Strange, there were no algorithms removed between 2024.0.0 and 2024.1.0. There were aes-gcm ciphers added, and also the strict-kex extension.

I do see this KB, but they don't provide any information about the algorithms that the server offers.

Could you see what algorithms the server is offering? You can do that with nmap:

nmap --script ssh2-enum-algos -p 22 example.com

Or you might be able to inspect these properties on the ConnectionInfo instance in the library (if they get set before the connection drops):

client.ConnectionInfo.CurrentKeyExchangeAlgorithm
client.ConnectionInfo.CurrentServerEncryption
client.ConnectionInfo.CurrentServerHmacAlgorithm
client.ConnectionInfo.CurrentHostKeyAlgorithm
client.ConnectionInfo.CurrentServerCompressionAlgorithm

You can also try this before connecting to rule out aes-gcm:

client.ConnectionInfo.Encryptions.Remove("aes128-gcm@openssh.com");
client.ConnectionInfo.Encryptions.Remove("aes256-gcm@openssh.com");

ibalmaci commented 3 weeks ago

And I also added the following line before connecting:

client.ConnectionInfo.CompressionAlgorithms.Remove("zlib@openssh.com");

And the connection was successfully established with version 2024.1.0. But I'm not sure if this still counts as a bug.

Thank you

Rob-Hague commented 3 weeks ago

Glad you got it working. It sounds like a bug, but it's hard to tell whose side it is on.

For posterity, was it only the zlib@openssh.com that you had to remove or also the aes-gcm algorithms?
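
An added example, not part of the thread and not SSH.NET code: it parses the output of the nmap command suggested earlier and applies the RFC 4253 section 7.1 rule (the first algorithm on the client's list that the server also offers wins) to show what a client list would negotiate before and after a `.Remove(...)` call. The nmap output and the client lists are constructed for illustration; they are not this server's offer or SSH.NET's defaults.

```python
import re

# Constructed sample of `nmap --script ssh2-enum-algos` output; not from the server in this thread.
NMAP_OUTPUT = """\
| ssh2-enum-algos:
|   kex_algorithms: (1)
|       diffie-hellman-group14-sha256
|   server_host_key_algorithms: (1)
|       ssh-rsa
|   encryption_algorithms: (1)
|       aes256-ctr
|   mac_algorithms: (1)
|       hmac-sha2-256
|   compression_algorithms: (2)
|       zlib@openssh.com
|_      none
"""

# Constructed client preference lists (an assumption, not SSH.NET's actual defaults or order).
CLIENT = {
    "kex_algorithms": ["curve25519-sha256", "diffie-hellman-group14-sha256"],
    "server_host_key_algorithms": ["ssh-ed25519", "ssh-rsa"],
    "encryption_algorithms": ["aes256-gcm@openssh.com", "aes256-ctr"],
    "mac_algorithms": ["hmac-sha2-512", "hmac-sha2-256"],
    "compression_algorithms": ["zlib@openssh.com", "none"],
}

def parse_enum_algos(text):
    """Return {category: [algorithms in server order]} from ssh2-enum-algos output."""
    offered, current = {}, None
    for body in re.findall(r"^\|_?[ \t]+(\S.*?)[ \t]*$", text, re.M):
        header = re.fullmatch(r"(\w+): \(\d+\)", body)
        if header:
            current = offered.setdefault(header.group(1), [])
        elif current is not None:
            current.append(body)
    return offered

def negotiate(client, offered):
    """First client algorithm the server also lists (simplified for kex/host key); None = no overlap."""
    return {cat: next((a for a in prefs if a in offered.get(cat, [])), None)
            for cat, prefs in client.items()}

def without(client, category, *names):
    """Copy of the client lists with `names` removed, like the .Remove(...) calls in the thread."""
    return {**client, category: [a for a in client[category] if a not in names]}

print("as configured:", negotiate(CLIENT, parse_enum_algos(NMAP_OUTPUT)))
print("zlib removed: ", negotiate(without(CLIENT, "compression_algorithms", "zlib@openssh.com"), parse_enum_algos(NMAP_OUTPUT)))
```

A category that comes back as `None` has no algorithm in common with the server, which is the first thing to rule out when a connection drops during key exchange.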