SFTP Client Error openssh 6.6
Posted: Mon Apr 10, 2017 7:42 pm
Hi All,
After update sfftp client to latest version, when connect to goanywhere MFT, we received this error:
*** 20170409220945 sftp -oBindAddress=xxxxxx -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no -b /xxx.bat xxxxx:/send
0
DH parameter offered by the server (1024 bits) is considered insecure. You can lower the accepted the minimum via the KexDHMin option.
DH_GEX group out of range: 2048 !< 1024 !< 8192
Cause
A change was made to the openssh package, dealing with Diffie-Hellman Group Exchange. Previously, keys of size 1024 - 8192 could be exchanged. The minimum was raised to 1536 (and later to 2048) for added security and to avoid the "logjam" vulnerability. However, if used with some 3rd party ssh implementations which only support 1024, failure will occur. Ideally, the 3rd party ssh configuration or code should be updated to use larger key sizes.
(NOTE: This key exchange does not refer to public/private key pairs.)
The provider may refer to this article:
https://www.novell.com/support/kb/doc.php?id=7016904
After update sfftp client to latest version, when connect to goanywhere MFT, we received this error:
*** 20170409220945 sftp -oBindAddress=xxxxxx -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no -b /xxx.bat xxxxx:/send
0
DH parameter offered by the server (1024 bits) is considered insecure. You can lower the accepted the minimum via the KexDHMin option.
DH_GEX group out of range: 2048 !< 1024 !< 8192
Cause
A change was made to the openssh package, dealing with Diffie-Hellman Group Exchange. Previously, keys of size 1024 - 8192 could be exchanged. The minimum was raised to 1536 (and later to 2048) for added security and to avoid the "logjam" vulnerability. However, if used with some 3rd party ssh implementations which only support 1024, failure will occur. Ideally, the 3rd party ssh configuration or code should be updated to use larger key sizes.
(NOTE: This key exchange does not refer to public/private key pairs.)
The provider may refer to this article:
https://www.novell.com/support/kb/doc.php?id=7016904