KEX Warn default option change force automation developers to have to recompile their applications

Advertisement

r4v3n
Joined:
Posts:
11
Location:
Stockholm, Sweden

KEX Warn default option change force automation developers to have to recompile their applications

New DH-1 KEX default warning causes exception in automation so they stop working.

The change which was introduced in 5.8.3
"Change: By default, warning is issued when using Diffie-Hellman group 1 key exchange algorithm."
causes problems when using automation as there seems to be no way to specify default warning or using .ini file to avoid this.

I have tested to create same user@site and save it to .ini file without warning, but it is not picked up. Also I don't see any SessionOptions in automation for this.

I know there is RAW settings that can be used, but it is not easy to recompile the automation applications as soon as there is a new WinSCP bug fixed version with some new default setting.

Can we have option to specify default KEX Warn server wide or use .ini file that is in same folder where WinSCP.exe automation is running?
Or can we disable this warning in automation code and only log warning to the log file without throwing exception?

Thanks
Niklas

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,392
Location:
Prague, Czechia

Re: KEX Warn default option change force automation developers to have to recompile their applications

As you have found already, you can use the "KEX" raw setting.

There's no way to change this globally. If you need to allow global changes by an external configuration file, just implement it yourself.

You can easily introduce a configuration file with a key-value syntax like:
key1=value1
key2=value2

And just call sessionOptions.AddRawSettings(key, value) for each pair.

Though actually, you should upgrade your server not to use an obsolete KEX algorithm!

Reply with quote

Advertisement

You can post new topics in this forum