I am using WinSCP .NET assembly to connect with one SFTP and getting error on Session.Open
The client-to-server cipher ChaCha20-Poly1305 was not verified!
Same connection is working when I am using WinSCP application with one warning. I am using WinSCP 6.3.5.
// Setup session options
SessionOptions sessionOptions = new SessionOptions
{
Protocol = Protocol.Sftp,
HostName = _Host,
UserName = _Username,
Password = _Password,
PortNumber = _Port,
SshHostKeyFingerprint = "ssh-rsa 4096 ***************************"
};
using (Session session = new Session())
{
session.SessionLogPath = "text.log";
// On below line I am getting error
session.Open(sessionOptions);
}
2024-10-23 10:34:03.901 --------------------------------------------------------------------------
2024-10-23 10:34:03.901 WinSCP Version 6.3.5 (Build 14991 2024-09-10) (OS ********)
2024-10-23 10:34:03.901 Configuration: nul
2024-10-23 10:34:03.901 Log level: Normal
2024-10-23 10:34:03.901 Local account: ********
2024-10-23 10:34:03.902 Working directory: ********
2024-10-23 10:34:03.902 Process ID: ********
2024-10-23 10:34:03.949 Ancestor processes: ********, msvsmon, devenv, explorer, ...
2024-10-23 10:34:03.949 Command-line: ********
2024-10-23 10:34:03.950 Time zone: ********
2024-10-23 10:34:03.950 Login time: Wed, 23 Oct, 2024 10:34:03
2024-10-23 10:34:03.950 --------------------------------------------------------------------------
2024-10-23 10:34:03.950 Script: Retrospectively logging previous script records:
2024-10-23 10:34:03.950 Script: option batch on
2024-10-23 10:34:03.950 Script: batch on
2024-10-23 10:34:03.950 Script: reconnecttime 120
2024-10-23 10:34:03.950 Script: option confirm off
2024-10-23 10:34:03.950 Script: confirm off
2024-10-23 10:34:03.950 Script: option reconnecttime 120
2024-10-23 10:34:03.950 Script: reconnecttime 120
2024-10-23 10:34:03.950 Script: open sftp://******** -hostkey="ssh-rsa 4096 ********" -timeout=15
2024-10-23 10:34:03.950 --------------------------------------------------------------------------
2024-10-23 10:34:03.950 Session name: ********@******** (Ad-Hoc site)
2024-10-23 10:34:03.950 Host name: ******** (Port: ********)
2024-10-23 10:34:03.950 User name: ******** (Password: Yes, Key file: No, Passphrase: No)
2024-10-23 10:34:03.950 Tunnel: No
2024-10-23 10:34:03.950 Transfer Protocol: SFTP
2024-10-23 10:34:03.950 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
2024-10-23 10:34:03.950 Disable Nagle: No
2024-10-23 10:34:03.950 Proxy: None
2024-10-23 10:34:03.950 Send buffer: 262144
2024-10-23 10:34:03.950 Compression: No
2024-10-23 10:34:03.950 Bypass authentication: No
2024-10-23 10:34:03.950 Try agent: Yes; Agent forwarding: No; KI: Yes; GSSAPI: Yes
2024-10-23 10:34:03.950 GSSAPI: KEX: No; Forwarding: No; Libs: gssapi32,sspi,custom; Custom:
2024-10-23 10:34:03.950 Ciphers: aes,chacha20,aesgcm,3des,WARN,des,blowfish,arcfour; Ssh2DES: No
2024-10-23 10:34:03.951 KEX: ntru-curve25519,ecdh,dh-gex-sha1,dh-group18-sha512,dh-group17-sha512,dh-group16-sha512,dh-group15-sha512,dh-group14-sha1,rsa,WARN,dh-group1-sha1
2024-10-23 10:34:03.951 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
2024-10-23 10:34:03.951 Simple channel: Yes
2024-10-23 10:34:03.951 Return code variable: Autodetect; Lookup user groups: Auto
2024-10-23 10:34:03.951 Shell: default
2024-10-23 10:34:03.951 EOL: LF, UTF: Auto
2024-10-23 10:34:03.951 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
2024-10-23 10:34:03.951 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
2024-10-23 10:34:03.951 SFTP Bugs: Auto,Auto
2024-10-23 10:34:03.951 SFTP Server: default
2024-10-23 10:34:03.951 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
2024-10-23 10:34:03.951 Cache directory changes: Yes, Permanent: Yes
2024-10-23 10:34:03.951 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
2024-10-23 10:34:03.951 DST mode: Unix
2024-10-23 10:34:03.951 --------------------------------------------------------------------------
2024-10-23 10:34:03.951 Script: Searching for host...
2024-10-23 10:34:03.952 Looking up host "********" for SSH connection
2024-10-23 10:34:03.954 Connecting to ******** port ********
2024-10-23 10:34:04.437 Connected to ********
2024-10-23 10:34:04.437 Script: Connecting to host...
2024-10-23 10:34:04.437 We claim version: SSH-2.0-WinSCP_release_6.3.5
2024-10-23 10:34:04.438 Connected to ********
2024-10-23 10:34:04.914 Remote version: SSH-2.0-8.1.0.0_openssh ******** :: SFTP-UAT
2024-10-23 10:34:04.914 Using SSH protocol version 2
2024-10-23 10:34:04.914 Have a known host key of type rsa2
2024-10-23 10:34:05.362 SSH connection is vulnerable to 'Terrapin' attack (CVE-2023-48795)
2024-10-23 10:34:05.366 Asking user:
2024-10-23 10:34:05.366 **Security Alert**
2024-10-23 10:34:05.366
2024-10-23 10:34:05.367 The client-to-server cipher selected for this session is ChaCha20-Poly1305, which, with this server, is vulnerable to the 'Terrapin' attack CVE-2023-48795, potentially allowing an attacker to modify the encrypted session.
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 Upgrading, patching, or reconfiguring this SSH server is the best way to avoid this vulnerability, if possible.
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 You can also avoid this vulnerability by abandoning this session, moving ChaCha20-Poly1305 to below the 'warn below here' line in WinSCP's SSH cipher configuration (so that an algorithm without the vulnerability will be selected), and starting a new session.
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 Do you want to accept the risk and continue with this session? ()
2024-10-23 10:34:05.367 Script: Security Alert
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 The client-to-server cipher selected for this session is ChaCha20-Poly1305, which, with this server, is vulnerable to the 'Terrapin' attack CVE-2023-48795, potentially allowing an attacker to modify the encrypted session.
2024-10-23 10:34:05.367 Upgrading, patching, or reconfiguring this SSH server is the best way to avoid this vulnerability, if possible.
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 You can also avoid this vulnerability by abandoning this session, moving ChaCha20-Poly1305 to below the 'warn below here' line in WinSCP's SSH cipher configuration (so that an algorithm without the vulnerability will be selected), and starting a new session.
2024-10-23 10:34:05.367
2024-10-23 10:34:05.367 Do you want to accept the risk and continue with this session?
2024-10-23 10:34:05.369 Answer: No
2024-10-23 10:34:05.369 Attempt to close connection due to fatal exception:
2024-10-23 10:34:05.369 The client-to-server cipher ChaCha20-Poly1305 was not verified!
2024-10-23 10:34:05.369 Closing connection.
2024-10-23 10:34:05.371 Script: The client-to-server cipher ChaCha20-Poly1305 was not verified!
0
In WinSCP .NET assembly, you cannot accept vulnerable ciphers.
But you can use Cipher setting to give preference to other ciphers over ChaCha20, for example:
sessionOptions.AddRawSettings("Cipher", "aes,aesgcm,3des,WARN,chacha20,des,blowfish,arcfour");
Hopefully your server supports at least one secure cipher.
1