Share via

SFTP linked service erroring with "Failed to negotiate key exchange algorithm"

Ben Dunmire 26 Reputation points
2022-02-28T23:18:50.697+00:00

I am setting up a linked service in Azure Data Factory using an SFTP connection to a SmartFile.com site. In setting up the connection, I am receiving Error code 22665 "Failed to negotiate key exchange algorithm." An example Activity ID failure is 88f543e3-1bde-45a3-8b3f-4832a9b2ea52.

I am attempting to connect via basic auth (username and password), and I have no trouble connecting this way via desktop FTP client. I have tried with and without "SSH Host Key Finger-print" using both SHA-256 and MD5 formats for the fingerprint identifier within ADF.

I have validated between ADF and SmartFile documentation and they support a number of the same SSH ciphers, though I'm not sure if I can force ADF to pick which one to use. Based on documentation, it seems like they should be using the same expected algorithms when forming a connection. I have tried enabling the "allowKeyboardInteractiveAuth" setting in ADF in case the FTP site is prompting for manual password entry upon log in but that has not made a difference. Whenever logging in via desktop FTP client, I do get a password prompt, but again this hasn't made a difference for the linked service.

There should be not need to use SSH private key for connectivity, as only basic authentication is required (and works via FTP client). There seems to be some level of disconnect with ADF as it goes to the SFTP site and provide username/password. I am able to form an FTP linked service to the site via ADF and it works fine (albeit very slow and unsecured). I am using Azure IR for compute. Any thoughts on other things to try or technical maneuvers would be helpful.

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
11,625 questions
0 comments
Accepted answer
  1. KranthiPakala-MSFT 46,642 Reputation points Microsoft Employee Moderator
    2022-03-03T00:36:13.403+00:00

    Hello @Ben Dunmire ,

    Thanks for the question and using MS Q&A platform.

    As we understand the ask here is that your SFTP linked service is erroring with Failed to negotiate key exchange algorithm. Please correct me if I'm not clear.

    By looking at the error message, my assumption is that SSH key exchange algorithm is not supported by the server.

    ADF leverages SSH.NET to connect SFTP server, the nuget version is 2016.1.0, the supported key exchange algorithms include:

    diffie-hellman-group-exchange-sha256
    diffie-hellman-group-exchange-sha1
    diffie-hellman-group14-sha1
    diffie-hellman-group1-sha1

    Could you please try adding above supported SSH key exchange algorithms on the server and see if that helps resolve your problem?

    Hope this info helps. Please do let me if you have any queries.

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
      • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.