Howdy,

For anyone that had to discover this the hard way, there is a workaround if you like to continue using SFTP repositories while having Patch 4 applied.

Having spent close to a day on that, it would appear that the problem is arround the host keys ISE is trying to use while opening the SFTP channel.

What i saw happening is that when you SSH from ISE on to the repository it uses ECDSA keys, where triggering SFTP connection was using RSA keys instead. This ultimetly triggers an error SSH Connect error as it did not match the known hosts keys as they are differnt

In our case we use a CentOS server as SFTP repository and simply turnig off negotiation of ECDSA in the /etc/ssh/sshd_config  and restarting the sshd service allows the SFTP connections to work as normal.

This is the settings we changed:

From:

HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

To:

HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

Although its not ideal, it allows to workaround the problem, while not reverting to say FTP.

Hopefulyl this will help others, as looking for "SSH Connection Error" did not bring this bug up.

Niko