After updating various Fortigate models from version 7.0.13 to 7.0.14 the Kiwi Cattools Backup (Device Backup TFTP) brakes. Kiwi Cattools errorlog: Connection failed (30011) Invalid data received from remote server. Protocol error.
Until V7.0.13 it workd like a charm
We are using the latest version of Kiwi Cattools (3.12.3.3257).
It looks like a cert/cipher Problem. Is there a way to delete a pre-stored server public key of Forti in SolarWind Kiwi Cattools? Putty Login works without any problems.
Here the Fortigate Debuglogs of the Kiwi Cattools Connection :
SSH: This ip "KIWICATSERVERIP" is not blocked
SSH: fd 7 is not O_NONBLOCK
SSH: Forked child 17121.
SSH: Client protocol version 2.0; client software version WeOnlyDo 3.1.5.244
SSH: no match: WeOnlyDo 3.1.5.244
SSH: Enabling compatibility mode for protocol 2.0
SSH: Local version string SSH-2.0-IPgP_x0p6qa_aG
SSH: fd 7 setting O_NONBLOCK
SSH: Proposal: 0, Ciphers: 'diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521'
SSH: Proposal: 2, Ciphers: 'chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com'
SSH: Proposal: 3, Ciphers: 'chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com'
SSH: Proposal: 4, Ciphers: 'hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com'
SSH: Proposal: 5, Ciphers: 'hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com'
SSH: list_hostkey_types: rsa-sha2-512,ssh-ed25519
SSH: SSH2_MSG_KEXINIT sent
SSH: SSH2_MSG_KEXINIT received
SSH: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
SSH: kex_parse_kexinit: rsa-sha2-512,ssh-ed25519
SSH: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com
SSH: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com
SSH: kex_parse_kexinit: hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com
SSH: kex_parse_kexinit: hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com
SSH: kex_parse_kexinit: none,zlib@openssh.com
SSH: kex_parse_kexinit: none,zlib@openssh.com
SSH: kex_parse_kexinit:
SSH: kex_parse_kexinit:
SSH: kex_parse_kexinit: first_kex_follows 0
SSH: kex_parse_kexinit: reserved 0
SSH: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512,diffi
SSH: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
SSH: kex_parse_kexinit: aes128-ctr,aes128-gcm@openssh.com,aes128-cbc,chacha20-poly1305@openssh.com,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-gcm@openssh.com,aes256-ctr,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu
SSH: kex_parse_kexinit: aes128-ctr,aes128-gcm@openssh.com,aes128-cbc,chacha20-poly1305@openssh.com,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-gcm@openssh.com,aes256-ctr,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu
SSH: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,none
SSH: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,none
SSH: kex_parse_kexinit: none,none
SSH: kex_parse_kexinit: none,none
SSH: kex_parse_kexinit:
SSH: kex_parse_kexinit:
SSH: kex_parse_kexinit: first_kex_follows 0
SSH: kex_parse_kexinit: reserved 0
SSH: kex: host key algorithm: rsa-sha2-512
SSH: kex: client->server chacha20-poly1305@openssh.com <implicit> none
SSH: kex: server->client chacha20-poly1305@openssh.com <implicit> none
SSH: expecting SSH2_MSG_KEX_ECDH_INIT
SSH: set_newkeys: mode 1
SSH: SSH2_MSG_NEWKEYS sent
SSH: expecting SSH2_MSG_NEWKEYS
SSH: Connection closed by "KIWICATSERVERIP"
Maybe someone has the same problem and already found out how to fix it.
Thanks in advance for any help!