Problem

When using SecureTransport 5.5-20201029 for SFTP connections to or from Transfer CFT, the connection may fail with an ERROR similar to the one below:

Failure Details: Connection failure while connecting to remote host CFTHOST:1763 as user STTOCFT: Failed to negotiate a transport component [diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512,rsa2048-sha256,ecdh-sha2-nistp384] [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1]

This failure can occur in both scenarios:

• When Transfer CFT connects to ST
• When ST connects to Transfer CFT

Resolution

When Transfer CFT connects to ST

Add curve25519-sha256@libssh.org to the SecureTransport's Key Exchange Algorithms list for the SSH service:

The SSH service configuration in ST

Restart SecureTransport's SSH and TM services for the change to take effect.

When ST connects to Transfer CFT

Add curve25519-sha256@libssh.org to the SecureTransport's Key Exchange Algorithms list for Server Initiated Transfers (SITs). The parameter is SSH.SIT.KeyExchangeAlgorithms and is found in the Server Configuarion page.

The Server Configuarion page with the SSH.SIT.KeyExchangeAlgorithms parameter

Restart SecureTransport's SSH and TM services for the change to take effect.