sftpssh2-sftp

SFTP version mismatch - SFTP server only support versions 3

SFTP client initially sends the SSH_FXP_INIT (with version 2). Is there any reason why SFTP server does not send SSH_FXP_VERSION? Instead it is sending SSH_FXP_STATUS with info

SFTP server only support versions 3

How then version negotiation is possible?
Or I am missing something which needs to be done?

I can elaborate the situation more, if anybody likes to understand the problem and help me out. Please help!

Solution

  • Read the SFTP specification:

    When the file transfer protocol starts, the client first sends a SSH_FXP_INIT (including its version number) packet to the server. The server responds with a SSH_FXP_VERSION packet, supplying the lowest of its own and the client's version number. Both parties should from then on adhere to that particular version of the protocol.

    Your client supports SFTP version 2 (and maybe older) only. Your server supports SFTP version 3 (and maybe newer). So negotiation fails.

    SFTP protocol versions below 3 were not really used. So it's quite common that SFTP implementations do not support those versions. The version 3 is by far the most widely used version (supported by the OpenSSH, which does not support newer versions).

    my client code always sends version 2... On sending this to SFTP server, it sends back version 3

    Is it mandatory for SFTP server to reply back SSH_FXP_VERSION with lower version or any default version if client sends SSH_FXP_INIT

    I believe the server violates the standard by responding higher version than the client asked for. But I'm aware that the OpenSSH SFTP server does that. It ignores, what the client asks for and always responds with 3. So I assume your test machine uses the OpenSSH.

    There's actually very small difference between 3 and 2 (and 1 and 0):

    • The SSH_FXP_READLINK and SSH_FXP_SYMLINK messages were added.

    • The SSH_FXP_EXTENDED and SSH_FXP_EXTENDED_REPLY messages were added.

    • The SSH_FXP_STATUS message was changed to include fields 'error message' and 'language tag'.

    So it's quite likely that your SFTP 2 client can talk to the SFTP 3 server, if the client does not choke on the additional field in the SSH_FXP_STATUS responses.

    Actually the OpenSSH SFTP server, while responding with 3, it behaves as 2, if the client asked for 2 (that's imho yet another violation of the specification). It specifically does not add the error message field to the SSH_FXP_STATUS responses, which was added only in 3.

    my other test machine ( oracle MFT ) which only supports version 3, does not send SSH_FXP_VERSION packet, but SSH_FXP_STATUS with info and not communication happens

    That's imho the correct behavior, while unfortunate for you.