SFTP connectivty issue reported with regard to KB5044277 - Cumulative update for Oct'24 for Win2k19 std

Question

Recently we encoutered SFTP disconnectivty issue to a Win2k19 std server running SFTP services in the form of OpenSSH.

We were trying to connect to that win2k19 server via ssh but it automatically closes the session. We tried from different client PCs, but still the same issue. The SSH sessions were getting automatically closed.

We came to know from one of our colleagues working for some other customer that KB5044277 was causing the issue.

So we uninstalled the patch from the SFTP server and post that it was working and ssh sessions were getting established, without getting terminated instantly.

But on checking online, I did not find any relevant issues and fixes with regards to the October cumulative Update.

I hope this forum will help me to answer my query.

Thanks.

Answer 1

Hello

Thank you for posting in Q&A forum.

The October 2024 cumulative update (KB5044277) has been reported to cause issues with OpenSSH, leading to SFTP session interruptions.

Here are a few steps you can try to resolve the issue:

1. Uninstall the KB5044277 Update: Since you've already done this and it resolved the issue, it confirms that the update is the root cause.
2. Delete or Rename the SSH Log Directory: Some users have reported that deleting or renaming the directory can help resolve the issue:\ProgramData\SSH\logs. This might allow the SSH service to start normally again.

October 8, 2024—KB5044277 (OS Build 17763.6414) - Microsoft Support

As of now, there hasn't been a specific patch released to address the SFTP disconnectivity issue caused by KB5044277. However, Microsoft is aware of the issue and it's possible that a fix will be included in a future update.

In the meantime, you can keep an eye on the Microsoft Support page for any updates or workarounds provided by Microsoft. Additionally, you can try the steps we discussed earlier, such as uninstalling the problematic update or renaming the SSH log directory.

Best regards

Yanhong

=====================================

If the answer is helpful, please click "Accept answer" and upvote it

Answer 2

Start by doing basic problem determination. Is the service running? Does the service start but crashes when a user connects? What entries do you see in the OpenSSH log on the server?

https://github.com/PowerShell/Win32-OpenSSH/wiki/Logging-Facilities

When you run the ssh client with debugging on (ssh -vvv) what messages do you get?

https://www.tecmint.com/enable-debugging-mode-in-ssh/

If you have modified the file permissions on C:\ProgramData\ssh then you may have the problem that I helped this user with.

https://learn.microsoft.com/en-us/answers/questions/2110625/service-is-not-starting

Answer 3

The OpenSSH service was running smoothly.

Post updating the server with Oct month cumulative patches, ssh sessions were getting established. But after patching, the issue arised.

So the KB was uninstalled and post that sessions started getting established and issue got resolved.

But I want to know why this KB had caused the issue?

Answer 4

Just an additional information from a client's point of view.

I got the following error from ssh-client while doing an scp from Solaris to a win 2K19-Server.

no hostkey alg
lost connection

we're using ssh-rsa for authentication. So I was afraid that rsa is deprecated for some reason. But I found no regarding information so far.

Uninstalling KB5044277 helped so far.

Answer 5

The issue was due to installation of OpenSSH 9.5 which had come packaged with the cumulative update.

OpenSSH 9.5 doesn't support the deprecated RSA-SHA key . Actually this key has been deprecated since the release of OpenSSH 8.1.

In my case, the server which had issue had OpenSSH 7.7 which supports the deprecated RSA key . But on installing the cumulative update , the OpenSSH version upgraded from 7.7 to 9.5 which in then shows no support for RSA-SHA key and hence clients trying to establish SSH sessions to the server were getting immediately dropped.