[xubuntu-users] Failure to Connect SFTP Error

Peter Flynn peter at silmaril.ie
Thu Jun 1 22:13:14 UTC 2017 

On 06/01/2017 09:27 PM, Rog wrote:
> I rely on Filezilla to transfer files to my hosting service but it no
> longer works. It fails at the very beginning, failing to connect. Much
> searching w/ Google turns up no answers. Nor does a tech support
> consultation with the hosting service. The failure is NOT due to wrong
> username or password as I can establish ssh connections from the CLI.

It's worrying when this happens, but hosting services are notorious for
changing things which don't affect Mac or Windows users, but which may
affect Linux users.

>From what you quote below it looks like it's having trouble identifying
which key exchange (kex) algorithm to use: the server wants you to use
diffie-hellman-group-exchange-sha256 but Konqueror can only use one of
curve25519-sha256 at libssh.org
ecdh-sha2-nistp256
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
This post https://ubuntuforums.org/showthread.php?t=2297006 (different
circumstances and different software) explains how to find out what
algorithms are supported, but it's a couple of years old.

At a wild random guess the hosting company has changed things so that
they only support diffie-hellman-group-exchange-sha256, so you'll need
an sftp client that supports that method of key exchange. Obviously
FileZilla doesn't.

Can you try again and note the EXACT date and time, then call tech
support and ask them to check the access logs (eg /var/log/secure) to
find out if they can see a request coming in from your IP address, and
being rejected.

If you search Mr Google for
   filezilla diffie-hellman-group-exchange-sha256
you will gets lots of pages about this problem, so it seems to be well
known. Several posts make the suggestion along the lines of:

> FileZilla's SFTP support is based on PuTTY's psftp. If you change the
> default key exchange cipher priorities in PuTTY, it should also
> affect FileZilla.

but this may only apply to Windows clients. I'm afraid I don't have a
solution (and I just hope my own hosting provider doesn't make the same
move, although I only use FZ very rarely, as sftp from the command line
is fine for my own use).

///Peter


> Konqueror also fails to connect and gives the following, more detailed
> error:
> 
>     The requested operation could not be completed
> 
>     Details of the Request:
>     URL: sftp:// [redacted]
>     Protocol: sftp
>     Date and Time: Thursday, June 01, 2017 04:18 PM
>     Additional Information: kex error : no match for method kex algos:
>     server [diffie-hellman-group-exchange-sha256], client
>     [curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
>     Description:
>     kex error : no match for method kex algos: server
>     [diffie-hellman-group-exchange-sha256], client
>     [curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
> 
> I note that I've gone so far as deleting all Filezilla-related files and
> re-installing it as well as deleting my known hosts file, to no avail.
> So I turn to this list in desperation. I would really like to continue
> to use Filezilla because it's fast and easy.
> 
> -- 
> Roger
> linux.rog at gmail.com
> 
> 
>

More information about the xubuntu-users mailing list