Question
· Aug 18, 2023

Setting Encryption Keys for SFTP Upload in Ensemble Production

Hello!

I'm currently trying to setup a SFTP Ensemble production to handle all of my SFTP transactions. It's been going well, but I'm currently running into an issue where it is saying it is unable to exchange encryption keys. Error Below:

 

Unable to exchange encryption keys [80101005] at Session.cpp:238,0' matched ReplyCodeAction 1 : 'E=R' resulting in Action code R

 

Any advice on getting around this would be appreciated.

Product version: HealthShare 2017.2
$ZV: Cache for Windows (x86-64) 2017.2.2 (Build 865_3_19668U)
Discussion (3)2
Log in or sign up to continue

There have been updates to openssh within the last few years that retired older, less secure cypher suites. It's possible that 2017.2 may be old enough to be incompatible with newer versions of the ssh (which sftp relies upon) libraries.

Check with the vendor/customer at the other end of the connection to see if they've made recent changes to their version of ssh.

As part of the encryption negotiation process, there's an exchange of supported cypher suites between the client and server. If there's no match, no connection can be established. No need to force a specific cypher site; all available should be presented by the client during connection negotiation.

If upgrading to a current version of HealthShare/Health Connect is not an option, you could script the transfers outside of the production (batch/powershell/Python/Perl script running under Windows' Scheduler or called from ObjectScript in a Scheduled Task via $ZF(-100) ) and then use a File service/operation to pick them up for processing or drop them off for delivery.