authorKenneth Hsu <kennethhsu@gmail.com>2021-05-11 19:53:18 +0300
committerKenneth Hsu <kennethhsu@gmail.com>2021-05-11 22:42:34 +0300
commit3e2103335bb825dfa212c0a05361631eb56996e3 (patch)
tree34c856a4d01039b6fbf223479e498f6450bb03ec /Duplicati/Library
parentbeaf03562fdcf4425e962085bdf7175d6a465f49 (diff)
SSH: Avoid advertising support for ECDSA algorithms with Mono.
SSH.NET relies on the System.Security.Cryptography.ECDsaCng class for ECDSA algorithms, which is not implemented in Mono (as of 6.12.0.144). This prevents clients from connecting if one of the ECDSA algorithms is chosen as the host key algorithm. In the event that this causes a connection failure, we will prevent the client from advertising support for ECDSA algorithms and make another connection attempt. Related forum discussion: https://forum.duplicati.com/t/release-2-0-6-1-beta-2021-sftp-failure-synology/12358
Diffstat (limited to 'Duplicati/Library')
-rw-r--r--Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs37
1 files changed, 35 insertions, 2 deletions
diff --git a/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs b/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs
index 61241914d..1efb782d6 100644
--- a/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs
+++ b/Duplicati/Library/Backend/SSHv2/SSHv2Backend.cs
@@ -273,7 +273,7 @@ namespace Duplicati.Library.Backend
if (m_con != null && !m_con.IsConnected)
{
- m_con.Connect();
+ this.TryConnect(m_con);
return;
}
@@ -328,11 +328,44 @@ namespace Duplicati.Library.Backend
if (m_keepaliveinterval.Ticks != 0)
con.KeepAliveInterval = m_keepaliveinterval;
- con.Connect();
+ this.TryConnect(con);
m_con = con;
}
+ private void TryConnect(SftpClient client)
+ {
+ try
+ {
+ client.Connect();
+ }
+ catch (NotImplementedException)
+ {
+ // SSH.NET relies on the System.Security.Cryptography.ECDsaCng class for
+ // ECDSA algorithms, which is not implemented in Mono (as of 6.12.0.144).
+ // This prevents clients from connecting if one of the ECDSA algorithms is
+ // chosen as the host key algorithm. In the event that this causes a
+ // connection failure, we will prevent the client from advertising support
+ // for ECDSA algorithms and make another connection attempt.
+ //
+ // See https://github.com/mono/mono/blob/mono-6.12.0.144/mcs/class/referencesource/System.Core/System/Security/Cryptography/ECDsaCng.cs
+ if (Utility.Utility.IsMono)
+ {
+ IEnumerable<string> ecdsaKeys = client.ConnectionInfo.HostKeyAlgorithms.Keys.Where(x => x.StartsWith("ecdsa"));
+ foreach (string key in ecdsaKeys)
+ {
+ client.ConnectionInfo.HostKeyAlgorithms.Remove(key);
+ }
+
+ client.Connect();
+ }
+ else
+ {
+ throw;
+ }
+ }
+ }
+
private void ChangeDirectory(string path)
{
if (string.IsNullOrEmpty(path))
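Review bot: In the Mono branch of `TryConnect`, `ecdsaKeys` is a deferred LINQ query over the live `HostKeyAlgorithms.Keys` collection, and the `foreach` removes entries from that same collection while the query is still being enumerated. Assuming `HostKeyAlgorithms` is an ordinary dictionary, this can throw `InvalidOperationException` on some runtimes instead of reaching the retry. Snapshot the keys first and make the prefix match ordinal: `List<string> ecdsaKeys = client.ConnectionInfo.HostKeyAlgorithms.Keys.Where(x => x.StartsWith("ecdsa", StringComparison.Ordinal)).ToList();`. The fallback also narrows the advertised host key algorithms silently, and it does so for any `NotImplementedException` raised by `Connect()`, not only the ECDsaCng one. A warning logged before the second `client.Connect()` would let an operator see why the server presents a different host key type, for example when a pinned fingerprint stops matching.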