Topic "Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!"

Author Message
tester

Guest


Hi,
I'm trying to write a simple c# program just to scp a file to another device running linux.

the program run just fine when i sent file to one linux system, but got this error "Error: Key-exchange algorithm diffie-hellman-group1 -sha1 was not verified!" when I tried to sent to some other linux machine.

when i use winSCP, the warning poped up say "The first key-exchange algorithm supported by teh server is diffie-hellman-group1 -sha1, which is below the configured warning threshold." and i click yes to continue and it works just fine. so some how winSCP can bypass this when i click yes to continue.

how do I bypass this key-exchange error when written in c#? I don't care about security, just want to transfer a file.

thanks
Advertisements
markvmt

Guest


I'm running into the same issue, has anyone found a work around?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25015
Location: Prague, Czechia
You can use KEX raw session setting:
https://winscp.net/eng/docs/rawsettings

Easy way is to
- configure your session in WinSCP GUI
- move the "Diffie-Hellman Group 1" above the warning threshold:
https://winscp.net/eng/docs/ui_login_kex
- have WinSCP generate the code for you:
https://winscp.net/eng/docs/ui_generateurl#code
r4v3n
[View user's profile]

Joined: 2016-05-24
Posts: 3
I also face same issue, and it is not always easy to recompile your automation applications which use this when you change the default settings.
It would be great with .ini, registry or other way to change this default value for user@site or globally so we don't have to recompile our automations. E g in my case I am not in control of the automation application and cannot recompile this, only the settings of site, user, port, file name mask, polling interval etc. I have some intermittent issues in older 5.x version so I would like to use the latest.

I created this bug to track this issue:
https://winscp.net/forum/viewtopic.php?t=23731
DOR B

Guest


I HAVE ENCOUNTER THE SAME PROBLEM,SIMPLY ADD RAW SETTING : sessionOptions.AddRawSettings("KEX", "ecdh,dh-gex-sha1,dh-group14-sha1,rsa,dh-group1-sha1,WARN");
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License