Search

GlobalSCAPE Knowledge Base

New SFTP library is not allowing connection to remote server

Karla Marsh
EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT v7.4.13 and later

EFT v8.0 and later store Advanced Properties in a JSON file. When you upgrade from EFT v7.4.x to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings become part of the EFT configuration files.) For a more on how to use advanced properties, and a spreadsheet of the advanced properties, please refer to the "Advanced Properties" topic in the help for your version of EFT.

DISCUSSION

The new SFTP library is not allowing connections to a remote server using "diffie-hellman-group-exchange-sha256" and “diffie-hellman-group-exchange-sha1“ KEXes.

WORKAROUND

In EFT v8 and later:

Add the name:value pair to the AdvancedProperties.JSON file in EFT's \ProgramData\ directory as described in the "Advanced Properties" topic in the online help for your version of EFT.

{
"SFTPEnableGroupsExchangeKex": false
}

In versions prior to v8.0:

Create the following registry setting:

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: SFTPEnableGroupsExchangeKex

Default Value: 0 (disables both ciphers, "diffie-hellman-group-exchange-sha256" and “diffie-hellman-group-exchange-sha1“)

Cached: Yes

Restart?: Yes

Backup/Restore: Yes

See also https://kb.globalscape.com/KnowledgebaseArticle11439.aspx
Details
Last Modified: 7 Months Ago
Last Modified By: kmarsh
Type: HOTFIX
Rated 3 stars based on 6 votes.
Article has been viewed 70K times.
Options
Also In This Category
Tags