Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
Ask a Question

InvalidSshKeySignatureException during user/pass authentication

0 votes
38 views
in Java FTP by (210 points)
recategorized by

During user/pass authentication to WING FTP server using following code:

Version used: 7.6.0

SSHFTPClient sftp = new SSHFTPClient();
sftp.setRemoteHost("127.0.0.10");
sftp.setRemotePort(37770);
sftp.getValidator().setHostValidationEnabled(false);
sftp.setAuthentication("test", "test123");
sftp.connect();

 InvalidSshKeySignatureException is thrown:

2024-04-24 21:06:50.599 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [SSHFTPClient] 24 Apr 2024 21:06:50.578 : Created SFTP client.

2024-04-24 21:06:50.640 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - INFO [SCPClient] 24 Apr 2024 21:06:50.640 : SCPClient settings validated.

2024-04-24 21:06:50.640 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [SCPClient] 24 Apr 2024 21:06:50.640 : Connecting to 127.0.0.10:37770

2024-04-24 21:06:50.640 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [SCPClient] 24 Apr 2024 21:06:50.640 : Version: 7.6.0

2024-04-24 21:06:50.640 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [StreamSocketFactory] 24 Apr 2024 21:06:50.640 : Connecting to 127.0.0.10:37770 via standard socket

2024-04-24 21:06:50.640 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [StreamSocketFactory] 24 Apr 2024 21:06:50.640 : setSoTimeout(60000)

2024-04-24 21:06:50.657 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - INFO [TransportProtocolCommon] 24 Apr 2024 21:06:50.657 : Timeout=60000

2024-04-24 21:06:50.671 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.671 : Starting transport protocol

2024-04-24 21:06:50.671 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.671 : Wait for state update timeout=60000

2024-04-24 21:06:50.671 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [State] 24 Apr 2024 21:06:50.671 : Updated state to 2

2024-04-24 21:06:50.671 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.671 : Wait for state update timeout=60000

2024-04-24 21:06:50.671 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.671 : Registering transport protocol messages with inputstream

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - INFO [cryptix] 24 Apr 2024 21:06:50.734 : GLOBAL_TRACE=false

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - INFO [cryptix] 24 Apr 2024 21:06:50.734 : GLOBAL_DEBUG=false

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - INFO [cryptix] 24 Apr 2024 21:06:50.734 : GLOBAL_DEBUG_SLOW=false

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Negotiating protocol version

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Local identification: SSH-2.0-edtFTPjPRO_7.6.0

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Read: 'SSH-2.0-WingFTPServer

'

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : EOL is guessed at CR+LF

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Remote identification: 'SSH-2.0-WingFTPServer'

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Protocol negotiation complete

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [State] 24 Apr 2024 21:06:50.734 : Updated state to 3

2024-04-24 21:06:50.734 [EOD_FM_BILLSPAYMENT] [TSK_001] [30128] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Wait for state update timeout=60000

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Name=SSH_MSG_KEX_INIT,MessageId=20

Supported Kex ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ext-info-c

Supported Public Keys ssh-rsa,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss

Supported Encryption Client->Server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,arcfour

Supported Encryption Server->Client aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,arcfour

Supported Mac Client->Server hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-sha2-256,hmac-sha256,hmac-sha2-512,hmac-sha512

Supported Mac Server->Client hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-sha2-256,hmac-sha256,hmac-sha2-512,hmac-sha512

Supported Compression Client->Server none,zlib,zlib@openssh.com

Supported Compression Server->Client none,zlib,zlib@openssh.com

Supported Languages Client->Server 

Supported Languages Server->Client 

First Kex Packet Follows [FALSE]

2024-04-24 21:06:50.734 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.734 : Sending SSH_MSG_KEX_INIT

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [SshMsgKexInit] 24 Apr 2024 21:06:50.750 : Packetlength=532, Paddinglength=7

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Received registered message: SSH_MSG_KEX_INIT

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Received Name=SSH_MSG_KEX_INIT,MessageId=20

Supported Kex curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512

Supported Public Keys ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa

Supported Encryption Client->Server aes256-ctr,aes192-ctr,aes128-ctr

Supported Encryption Server->Client aes256-ctr,aes192-ctr,aes128-ctr

Supported Mac Client->Server hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com

Supported Mac Server->Client hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com

Supported Compression Client->Server none

Supported Compression Server->Client none

Supported Languages Client->Server 

Supported Languages Server->Client 

First Kex Packet Follows [FALSE]

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Starting key exchange

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Determine Algorithm

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Client Algorithms: [ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group-exchange-sha256, ext-info-c]

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Server Algorithms: [curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512]

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Returning ecdh-sha2-nistp256

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:50.750 : Key exchange algorithm: ecdh-sha2-nistp256

2024-04-24 21:06:50.750 [] [Transport protocol 1] [] [DEBUG] Agent - INFO [ECDHSha2] 24 Apr 2024 21:06:50.750 : Starting client side key exchange.

2024-04-24 21:06:51.296 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.296 : Sending SSH_MSG_KEX_ECDH_INIT

2024-04-24 21:06:51.322 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.322 : Received unregistered message: SSH_MSG_KEX_ECDH_REPLY

2024-04-24 21:06:51.362 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [ECDHSha2] 24 Apr 2024 21:06:51.362 : calculateExchangeHash()

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.381 : Verifying host [127.0.0.10]:37770

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.393 : Determine Algorithm

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.393 : Client Algorithms: [ssh-rsa, rsa-sha2-256, rsa-sha2-512, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-dss]

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.393 : Server Algorithms: [ecdsa-sha2-nistp256, rsa-sha2-512, rsa-sha2-256, ssh-rsa]

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.393 : Returning ssh-rsa

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [TransportProtocolCommon] 24 Apr 2024 21:06:51.393 : Selected algorithm ssh-rsa

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - DEBUG [SshRsaPublicKey] 24 Apr 2024 21:06:51.393 : Signature length=276

2024-04-24 21:06:51.393 [] [Transport protocol 1] [] [DEBUG] Agent - ERROR [SshRsaPublicKey] 24 Apr 2024 21:06:51.393 : Header (rsa-sha2-256) does not match algorithm (ssh-rsa)

2024-04-24 21:06:51.410 [] [Transport protocol 1] [] [DEBUG] Agent - ERROR [SshRsaPublicKey] 24 Apr 2024 21:06:51.393 : Failed to read signature : The signature is invalid

com.enterprisedt.net.j2ssh.transport.publickey.InvalidSshKeySignatureException: The signature is invalid

at com.enterprisedt.net.j2ssh.transport.publickey.rsa.SshRsaPublicKey.verifySignature(SshRsaPublicKey.java:183)

at com.enterprisedt.net.j2ssh.transport.TransportProtocolClient.verifyHostKey(TransportProtocolClient.java:559)

at com.enterprisedt.net.j2ssh.transport.TransportProtocolClient.performKeyExchange(TransportProtocolClient.java:456)

at com.enterprisedt.net.j2ssh.transport.TransportProtocolCommon.beginKeyExchange(TransportProtocolCommon.java:733)

1 Answer

+1 vote
by (8.5k points)
selected by
 
Best answer
Hi,

There was a bug in older versions of Wing FTP Server. Please check log for the Wing server version number or refer to the server admin to check.
by (210 points)
Thanks, we used WingFTP v.7.2.0 and in release notes i found following:

WingFTP 7.3.1: Fixed a bug - Some SFTP client can't connect to WingFTP with an error "failed to exchange keys", caused by the host key algorithm's order.

Is there any way to workaround this from client side? Or the only way to fix that is by upgrading WingFTP version?
by (161k points)
There's no workaround currently, and since it's an easy solution to upgrade, we don't plan to add one.

Categories

EnterpriseDT 2020
...