[JSch-users] Algorithm negotiation fail issue
Status: Alpha
Brought to you by:
ymnk
From: Nick M. <nmo...@ya...> - 2012-09-18 17:00:10
|
Hello, I am running into a problem connecting to a server with JSCH. This worked until recently when the server was upgraded to more stringent security policies. The issue appears to be that aes256-ctr is required by the server, and JSCH is not reporting it as available during negotiation? I have installed the "JCE Unlimited Strength Jurisdiction Policy" from Oracle correctly into my JVM, and it does appear to have access to all the ciphers. Here is the log output from Jsch: INFO: Connecting to node0 port 22 INFO: Connection established INFO: Remote version string: SSH-2.0-OpenSSH_4.3 INFO: Local version string: SSH-2.0-JSCH-0.1.48 INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256 INFO: CheckKexes: diffie-hellman-group14-sha1 INFO: diffie-hellman-group14-sha1 is not available. INFO: SSH_MSG_KEXINIT sent INFO: SSH_MSG_KEXINIT received INFO: kex: server: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 INFO: kex: server: ssh-rsa,ssh-dss INFO: kex: server: aes256-ctr INFO: kex: server: aes256-ctr INFO: kex: server: hmac-sha1 INFO: kex: server: hmac-sha1 INFO: kex: server: none,zl...@op... INFO: kex: server: none,zl...@op... INFO: kex: server: INFO: kex: server: INFO: kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 INFO: kex: client: ssh-rsa,ssh-dss INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 INFO: kex: client: none INFO: kex: client: none INFO: kex: client: INFO: kex: client: INFO: Disconnecting from node0 port 22 com.jcraft.jsch.JSchException: Algorithm negotiation fail at com.jcraft.jsch.Session.receive_kexinit(Session.java:552) at com.jcraft.jsch.Session.connect(Session.java:299) at com.jcraft.jsch.Session.connect(Session.java:162) Thanks for your assistance! - nick |