Re: [JSch-users] JSCH - Change order of preference for key exchange algorithms for connection
Status: Alpha
Brought to you by:
ymnk
Menu
▾
▴
Re: [JSch-users] JSCH - Change order of preference for key exchange algorithms for connection
|
From: nazlı g. <naz...@gm...> - 2010-08-23 08:27:20
|
Thanks for the reply Atsuhiko. I have another question here and appreciate
your help:
What is this list used for? It represents the list of algorithms that we
support for session but if the first item on the list is not supported by
the ssh server than we get an exception and jar file does *not* continue
trying second item.
For instance: Jsch supports below default config for "cipher.s2c":
*aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
*
but I want to use the "*aes128-cbc*" as default, and if ssh server does not
support this algorithm, want to use "*3des-cbc*":
session.setConfig("cipher.s2c", "aes128-cbc,3des-cbc");
Using code above I get "*com.jcraft.jsch.JSchException: SSH_MSG_DISCONNECT:
2 Packet corrupt*" exception when the server does not support aes128-cbc but
supports 3des-cbc. (when the order of the configuration changes as
3des-cbc, aes128-cbc; I can have a successful connection)
So is there a way to handshake with the server on that? I mean, can I send a
list of algorithms that I support and handshake with the server on which one
is going to be used, Or should I keep trying to change order of config until
I get a successful connection as I get an exception? Is there a property
for that which I am not aware of?
Sorry for the long mail, I just tried to make myself clear.
Thanks,
Nazli
2010/8/23 Atsuhiko Yamanaka <ym...@jc...>
> Hi,
>
> +-From: =?ISO-8859-9?B?bmF6bP0gZ/xuZPx6?= <naz...@gm...> --
> |_Date: Wed, 18 Aug 2010 17:16:55 +0300 ______________________________
> |
> |I want to change the order of preference of key exchange or encryption
> |algorithms in Jsch. I tried overriding the config as below:
> |config = new Properties();
> |String kexOrder = getOrderForConfiguration("kex");
> |where "getOrderForConfiguration" method returns a string including the
> |preferred order of algorithms. This does not seem to work. In addition,
> can
> |I remove one of the algorithm supported to support only one kex
> algorithm?
> |I appreciate your help.
>
> I don't know about the implementation of your getOrderForConfiguration()
> method, but you can config and choose kex algorithm as follows,
>
> ...
> JSch jsch = new JSch();
> Session session = jsch.getSession(user, host, 22);
> System.out.println("default settings for kex:
> "+session.getConfig("kex"))
> session.setConfig("kex", "diffie-hellman-group1-sha1")
> ...
>
>
> Sincerely,
> --
> Atsuhiko Yamanaka
> JCraft,Inc.
> 1-14-20 HONCHO AOBA-KU,
> SENDAI, MIYAGI 980-0014 Japan.
> Tel +81-22-723-2150
> +1-415-578-3454
> Skype callto://jcraft/
> Twitter: @ymnk
>
--
Nazli
|