File Mover Blog

August 28, 2013

SFTP connection to the server is not established. WTF?

You execute a rule which uses SFTP and … nothing. Connection is not established.

SSH family of protocols is complex and various SFTP servers interpret the specifications differently. This leads to the problem, when to connect and interoperate with some server you need to select the right combination of SSH protocol settings.

  1. SFTP protocol has it’s own versions (LimagitoX supports SFTP versions 2 to 6). The server and LimagitoX must have the overlapping set of enabled versions. If the server is configured to support only SFTP 3 and LimagitoX has only versions 4 to 6 enabled, then you don’t get a connection. You need to check and adjust Versions property of LimagitoX. Moreover, some servers work correctly only when just one version (SFTP 3) is enabled. I.e. you might need to enable just SFTP 3 in LimagitoX in order to successfully work with such server.
  2. If the server closes connection without reporting any error, this usually means that you are connecting to the buggy server, which doesn’t interpret the LimagitoX client request correctly. What does this mean? LimagitoX sends the list of known algorithms to the server. The server must ignore the unknown entries in the list of algorithms. However many servers crash or close connection when they come across the name of the algorithm, that they don’t understand. In particular, all 3.x versions of OpenSSH do this. In this case you need to turn off all algorithms besides the very old and well-known (listed below). LimagitoX tries to detect the old servers automatically and disable the newer algorithms. This is controlled by the ‘Auto Adjust Ciphers’ option (default enabled). In most cases this solves the problem. If it does not, disable the ‘Auto Adjust Ciphers’ option and enable the ‘Restrict Algorithms’ option. This will turn off all algorithms besides the very old and well-known (forced).


By Limagito-Team SFTP , Share: