Renci.SshNet在禁用SHA1并启用SHA2时不再起作用

huangapple go评论90阅读模式
英文:

Renci.SshNet no longer working when SHA1 disabled and SHA2 enabled

问题

I've been using Renci SSH.NET 连接到我们的SFTP服务器已经有一年多了,使用SSIS包,没有任何问题。然后,上周开始出现了带有消息"服务器中止了一个已建立的连接"的故障。我被告知SHA1已被禁用,只支持SHA2。我已经查阅了几乎所有我能在网上找到的内容,但没有什么效果。SSH.NET是否不支持SHA2?我已经测试了WinSCP作为替代方案,它可以工作,但我宁愿不切换,除非必要。

为了测试,我向桌面应用程序添加了一些代码。

错误:
Renci.SshNet在禁用SHA1并启用SHA2时不再起作用

在连接中止后,这些是客户端ConnectionInfo属性:
Renci.SshNet在禁用SHA1并启用SHA2时不再起作用

服务器团队的某人在我尝试使用SSH.NET时向我发送了以下内容。

SSH2_MSG_KEXINIT
SSH2_MSG_KEXINIT
SSH2_MSG_KEXDH_INIT
SSH协议错误:无效的密钥交换值。
会话已关闭

List<AuthenticationMethod> authMethods = new List<AuthenticationMethod>();
authMethods.Add(new PasswordAuthenticationMethod(uName, pWord));

ConnectionInfo cInfo = new ConnectionInfo(host, uName, authMethods.ToArray());

cInfo.HmacAlgorithms["hmac-sha2-256"] =
    new HashInfo(256, key => new SshNet.Security.Cryptography.HMACSHA256(key));

SftpClient client = new SftpClient(cInfo);
client.HostKeyReceived += (object obj, HostKeyEventArgs hke) =>
{
  hke.CanTrust = true;
}

client.Connect();
英文:

I've been using Renci SSH.NET to connect to our SFTP server for over a year, within an SSIS package, with no problems. Then last week I began to get failures with the message, "An established connection was aborted by the server". I was told that SHA1 had been disabled and only SHA2 would be supported. I've gone through just about everything I could find online and nothing has worked. Will SSH.NET not support SHA2? I've tested WinSCP as an alternative and it works, but I'd rather not switch unless necessary.

For testing purposes I added some code to a desktop app.

The error
<br/>
Renci.SshNet在禁用SHA1并启用SHA2时不再起作用

After the connection is aborted these are the client ConnectionInfo properties.
Renci.SshNet在禁用SHA1并启用SHA2时不再起作用

A person on the server team sent me this when I attempted to use SSH.NET.
> SSH2_MSG_KEXINIT<br/>
> SSH2_MSG_KEXINIT<br/>
> SSH2_MSG_KEXDH_INIT<br/>
> SSH Protocol Error: invalid key exchange value.<br/>
> Closed session

List&lt;AuthenticationMethod&gt; authMethods = new List&lt;AuthenticationMethod&gt;();
authMethods.Add(new PasswordAuthenticationMethod(uName, pWord));

ConnectionInfo cInfo = new ConnectionInfo(host,uName,authMethods.ToArray());

cInfo.HmacAlgorithms[&quot;hmac-sha2-256&quot;] =
    new HashInfo(256, key =&gt; new SshNet.Security.Cryptography.HMACSHA256(key));

SftpClient client = new SftpClient(cInfo);
client.HostKeyReceived += (object obj, HostKeyEventArgs hke) =&gt;
{
  hke.CanTrust = true;
}

client.Connect();

答案1

得分: 1

确实,似乎 SSH.NET 尚不支持 rsa-sha2-256 和 rsa-sha2-512:
https://github.com/sshnet/SSH.NET/issues/825

讨论中包括临时解决方法。

英文:

Indeed, it seems that SSH.NET does not support rsa-sha2-256 and rsa-sha2-512 yet:
https://github.com/sshnet/SSH.NET/issues/825

The discussion includes temporary workarounds.

huangapple
  • 本文由 发表于 2023年6月9日 03:42:13
  • 转载请务必保留本文链接:https://go.coder-hub.com/76435218.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定