#1787 SFTP + Java 1.8 = com.jcraft.jsch.JSchException: Auth Cancel
Using JEdit 5.2pre1, FTP 1.1.0, and Oracle Java 8 (jdk1.8.0_05) on Linux, I was unable to make any sftp connections. I was repeatedly getting "Auth Cancel" exceptions thrown.
Switching back to Java 1.7 makes the problem go away.
I had JCE strong encryption installed, but I am using 2048 bit DSA keys. It is the high keystrength that is causing problems. 2048 bit DSA keys are no longer possible to create with ssh-keygen. Creating a new keypair with a newer ssh-keygen also makes the problem go away.
java.io.IOException: com.jcraft.jsch.JSchException: Auth cancel
at ftp.SFtpConnection.<init>(SFtpConnection.java:148)
at ftp.ConnectionManager.getConnection(ConnectionManager.java:524)
at ftp.FtpVFS.getConnection(FtpVFS.java:529)
at ftp.FtpVFS._listFiles(FtpVFS.java:222)
at org.gjt.sp.jedit.browser.ListDirectoryBrowserTask._run(ListDirectoryBrowserTask.java:74)
at org.gjt.sp.util.Task.run(Task.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)</init>
After committing a recent change to FTP in SVN, I get a more complete stack trace:
com.jcraft.jsch.JSchException: Auth cancel
at com.jcraft.jsch.Session.connect(Session.java:511)
at ftp.SFtpConnection.<init>(SFtpConnection.java:138)
at ftp.ConnectionManager.getConnection(ConnectionManager.java:524)
at ftp.FtpVFS.getConnection(FtpVFS.java:529)
at ftp.FtpVFS._listFiles(FtpVFS.java:222)
at org.gjt.sp.jedit.browser.ListDirectoryBrowserTask._run(ListDirectoryBrowserTask.java:74)
at org.gjt.sp.util.Task.run(Task.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)</init>
Other people are reporting trouble with Jsch + Java 1.8 also:
http://stackoverflow.com/questions/25404371/java8-jcraft-key-is-too-long-for-this-algorithm
It's a bug in Java 8.
https://bugs.openjdk.java.net/browse/JDK-8039921
Here is a relevant thread on the jsch-users list:
http://sourceforge.net/p/jsch/mailman/jsch-users/thread/CA%2BKtLoZA6NnZRNxdimpDJ4g94SRa5LKHL5GtLxhUhZVQhimhqQ%40mail.gmail.com/#msg32657232
Last edit: Alan Ezust 2014-09-17
Just reporting: I'm having the same using jEdit 5.1 and 5.2pre1 (installed it to check if that's not 5.1 bug :/) ...
Both running on Oracle Java 1.7.0_17.
If you have an issue with Java 1.7, make sure you have JCE strong encryption installed in your JRE and read the below thread:
http://sourceforge.net/p/jsch/mailman/jsch-users/thread/CA%2BKtLoZA6NnZRNxdimpDJ4g94SRa5LKHL5GtLxhUhZVQhimhqQ%40mail.gmail.com/#msg32657232
Hi there,
+-From: ymnk@jcraft.com (Atsuhiko Yamanaka) --
|_Date: Thu, 1 Jan 2015 01:14:37 +0900 _
|
|FYI, I had sent a request[1] for changing that behavior
|to security-dev mailing list, and the problem has been fixed[2][3]
|at last. Java9 will not have the reported problem.
|[1] http://mail.openjdk.java.net/pipermail/security-dev/2014-September/011228.html
|[2] https://bugs.openjdk.java.net/browse/JDK-8039921?focusedCommentId=13593153&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13593153
|[3] http://hg.openjdk.java.net/jdk9/dev/jdk/rev/edd7a67585a5
FYI, it seems that fix has been backported[1] to JDK8u60.
[1] http://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/3212f1631643
Sincerely,
Atsuhiko Yamanaka
JCraft,Inc.