Toad World® Forums

SFTP error - The Negotiation of Key Exchange method failed

Credentials entered exactly as stored and working in FileZilla. Password with no key. Other connections via SFTP work

The error that comes up when hitting Test is "The Negotiation of Key Exchange method failed"

Question - since it's working for connecting to other hosts via SFTP (only difference being the host-address), is the issue in the client (TOAD) or the host?

Log-dump below


Exception Information


Exception: EnterpriseDT.Net.Ftp.Ssh.SFTPException
Message : The negotiation of key exchange method has failed
Stack Trace:
at EnterpriseDT.Net.Ftp.Ssh.SSHFTPClient.Connect()
at EnterpriseDT.Net.Ftp.SecureFTPConnection.Connect()
at Quest.Toad.Workflow.Activities.FtpRemoteDirBrowser.ftpRemoteFileList1_Load(Object sender, EventArgs e)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Windows.Forms.UserControl.OnLoad(EventArgs e)
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.WmShowWindow(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.Form.WmShowWindow(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


Hi - I think the best bet would be to have a support engineer take a look at this issue. Would you be able to open a support ticket on this? support.quest.com

Thank you Julie for the reply. I will do just that

I've been in contact with both Quest support as well as support for the partner who's FTP site I was trying to connect to. On Quest's side the issue has been pushed over to their European engineering team (according to their support rep).
Our partner's support engineer indicated a possible cause which I've quoted here,

"When I see this (or similar) most often, it's been due to using an older SFTP client that expects old ciphers and key exchange algorithms of the server, but we have disabled a number of these due to them being flagged insecurity audits.

The two key exchange algorithms I see we have available are:

curve25519-sha256@libssh.org
diffie-hellman-group-exchange-sha256

Does a new version of TOAD support either of those? "

I'll update this thread with any possible resolution or additional info

This issue has been identified as a work-item for the development team. I've received the following information from Juan with the awesome support group.

"The issue reported in Service Request 4967467 has been identified as a defect QAT-16741. and raised with our Product team. The defect will be evaluated by our Product team for inclusion in a future release of Toad Data Point."