Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!

Advertisement

tester
Guest

Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!

Hi,
I'm trying to write a simple C# program just to scp a file to another device running Linux.

The program run just fine when I sent file to one Linux system, but got this error
Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!
when I tried to sent to some other Linux machine.

When I use WinSCP, the warning popped up say
The first key-exchange algorithm supported by the server is diffie-hellman-group1 -sha1, which is below the configured warning threshold.
and I click Yes to continue and it works just fine. So somehow WinSCP can bypass this when I click Yes to continue.

How do I bypass this key-exchange error when written in C#? I don't care about security, just want to transfer a file.

Thanks.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,518
Location:
Prague, Czechia

Re: Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!

You can use KEX raw session setting:
https://winscp.net/eng/docs/rawsettings

Easy way is to

Reply with quote

r4v3n
Joined:
Posts:
11
Location:
Stockholm, Sweden

I also face same issue, and it is not always easy to recompile your automation applications which use this when you change the default settings.
It would be great with .ini, registry or other way to change this default value for user@site or globally so we don't have to recompile our automations. E g in my case I am not in control of the automation application and cannot recompile this, only the settings of site, user, port, file name mask, polling interval etc. I have some intermittent issues in older 5.x version so I would like to use the latest.

I created this bug to track this issue:
KEX Warn default option change force automation developers to have to recompile their applications

Reply with quote

DOR B
Guest

Add raw settings

I have encounter the same problem, simply add raw setting:
sessionOptions.AddRawSettings("KEX", "ecdh,dh-gex-sha1,dh-group14-sha1,rsa,dh-group1-sha1,WARN");

Reply with quote

Advertisement

2005732
Guest

Support for Diffie Helman SHA1

This worked great for me, thank you.
The extra line of code it generated was this, if it helps anyone.
sessionOptions.AddRawSettings("KEX", "ecdh,dh-gex-sha1,dh-group14-sha1,rsa,dh-group1-sha1,WARN");

Reply with quote

Advertisement

You can post new topics in this forum