JSch算法协商失败 [英] JSch Algorithm negotiation fail
问题描述
我尝试通过Java连接SFTP服务器。
我遇到了错误。
com.jcraft.jsch.JSchException:算法协商失败
这是POM:
< dependency>
< groupId> com.jcraft< / groupId>
< artifactId> jsch< / artifactId>
< version> 0.1.53< / version>
< / dependency>
这是日志:
信息:连接到**FTP ADRESS**端口22
信息:建立连接
信息:远程版本字符串:SSH-2.0 -Maverick_SSHD
INFO:本地版本字符串:SSH-2.0-JSCH-0.1.53
INFO:CheckCiphers:aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128 -cbc,3des-ctr,arcfour,arcfour128,arcfour256
信息:aes256-ctr不可用。
信息:aes192-ctr不可用。
信息:aes256-cbc不可用。
信息:aes192-cbc不可用。
INFO:CheckKexes:diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO:diffie-hellman-group14-sha1不可用。
信息:ecdh-sha2-nistp256不可用。
信息:ecdh-sha2-nistp384不可用。
信息:ecdh-sha2-nistp521不可用。
信息:CheckSignatures:ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
信息:ecdsa-sha2-nistp256不可用。
信息:ecdsa-sha2-nistp384不可用。
信息:ecdsa-sha2-nistp521不可用。
INFO:SSH_MSG_KEXINIT sent
INFO:SSH_MSG_KEXINIT received
INFO:kex:server:diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO:kex :server:ssh-rsa
INFO:kex:server:aes256-cbc,aes192-cbc
INFO:kex:server:aes256-cbc,aes192-cbc
INFO:kex:server: hmac-sha1,hmac-sha1-96
INFO:kex:server:hmac-sha1,hmac-sha1-96
INFO:kex:server:none
INFO:kex:server:none
INFO:kex:server:
INFO:kex:server:
INFO:kex:client:diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1, diffes-hellman-group1-sha1
INFO:kex:client:ssh-rsa,ssh-dss
INFO:kex:client:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc, blowfish-cbc
INFO:kex:client:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO:kex:client:hmac-md5,hmac-sha1, hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO:kex:client:hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5 -96
INFO:kex:client:none
INFO:kex:client:none
INFO:kex:client:
INFO:kex:client:
INFO:正在断开FTP ADRESS端口22
我无法访问SFTP服务器下载或更新任何文件或其他...
我可以通过FileZilla连接服务器,但是我不能用Java。 p>
连接代码:
JSch jsch = new JSch
属性config = new Properties();
config.put(cipher.s2c,
aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr ,aes256-cbc);
config.put(cipher.c2s,
aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr ,aes256-cbc);
config.put(kex,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256) ;
会话jschSession = jsch.getSession(username,server,22);
jschSession.setConfig(StrictHostKeyChecking,no);
jschSession.setPassword(password);
jschSession.setConfig(config);
jschSession.connect();
当我添加
config.put(cipher.s2c,
aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256 -ctr,aes256-cbc);
日志如下
信息:连接到ftp.servername端口22
信息:建立连接
信息:远程版本字符串:SSH-2.0-Maverick_SSHD
INFO:本地版本字符串:SSH-2.0-JSCH-0.1.53
INFO:CheckCiphers:aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des- ctr,arcfour,arcfour128,arcfour256
信息:aes256-ctr不可用。
信息:aes192-ctr不可用。
信息:aes256-cbc不可用。
信息:aes192-cbc不可用。
INFO:CheckKexes:diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO:diffie-hellman-group14-sha1不可用。
信息:ecdh-sha2-nistp256不可用。
信息:ecdh-sha2-nistp384不可用。
信息:ecdh-sha2-nistp521不可用。
信息:CheckSignatures:ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
信息:ecdsa-sha2-nistp256不可用。
信息:ecdsa-sha2-nistp384不可用。
信息:ecdsa-sha2-nistp521不可用。
INFO:SSH_MSG_KEXINIT sent
INFO:SSH_MSG_KEXINIT received
INFO:kex:server:diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO:kex :server:ssh-rsa
INFO:kex:server:aes256-cbc,aes192-cbc
INFO:kex:server:aes256-cbc,aes192-cbc
INFO:kex:server: hmac-sha1,hmac-sha1-96
INFO:kex:server:hmac-sha1,hmac-sha1-96
INFO:kex:server:none
INFO:kex:server:none
INFO:kex:server:
INFO:kex:server:
INFO:kex:client:diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie- heesman-group-exchange-sha256
INFO:kex:client:ssh-rsa,ssh-dss
INFO:kex:client:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc, blowfish-cbc
INFO:kex:client:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO:kex:client:hmac-md5,hmac-sha1, hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO:kex:client:hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5 -96
INFO:kex:client:none
INFO:kex:client:none
INFO:kex:client:
INFO:kex:client:
INFO:断开与ftp.servername端口22的连接
com.jcraft.jsch.JSchException:算法协商失败
如您所见,服务器提供了以下密码:
INFO:kex:server: aes256-cbc,aes192-cbc
但是JSch只接受这些:
< >
INFO:kex:client:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
没有通用的密码可供选择。
请注意,JSch支持aes256-cbc和aes192-cbc,但需要JCE(Java Cryptography Extension)来允许它们。
您可能没有JCE,所以这些密码不可用。这就是为什么有
信息:aes256-cbc不可用。
下载 Java密码术扩展(JCE)无限强度管辖权政策文件8 (或其他版本,如果不使用JDK 1.8)。
I try to connect SFTP server by Java.
I got an error.
com.jcraft.jsch.JSchException: Algorithm negotiation fail
Here is the POM:
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
<version>0.1.53</version>
</dependency>
Here is the log:
INFO: Connecting to **"FTP ADRESS"** port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-Maverick_SSHD
INFO: Local version string: SSH-2.0-JSCH-0.1.53
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: ecdh-sha2-nistp256 is not available.
INFO: ecdh-sha2-nistp384 is not available.
INFO: ecdh-sha2-nistp521 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: ecdsa-sha2-nistp256 is not available.
INFO: ecdsa-sha2-nistp384 is not available.
INFO: ecdsa-sha2-nistp521 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO: kex: server: ssh-rsa
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: none
INFO: kex: server: none
INFO: kex: server:
INFO: kex: server:
INFO: kex: client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO: kex: client: ssh-rsa,ssh-dss
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client:
INFO: kex: client:
INFO: Disconnecting from "FTP ADRESS" port 22
I got this error what i tried to fix. I cannot access the SFTP server to download or update any file or etc...
I can connect the server by FileZilla, but I cannot make it by Java.
Connection Code:
JSch jsch = new JSch();
Properties config = new Properties();
config.put("cipher.s2c",
"aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
config.put("cipher.c2s",
"aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
config.put("kex", "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256");
Session jschSession = jsch.getSession("username","server",22);
jschSession.setConfig("StrictHostKeyChecking", "no");
jschSession.setPassword("password");
jschSession.setConfig(config);
jschSession.connect();
When I added
config.put("cipher.s2c",
"aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
the logs are like this
INFO: Connecting to ftp.servername port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-Maverick_SSHD
INFO: Local version string: SSH-2.0-JSCH-0.1.53
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: ecdh-sha2-nistp256 is not available.
INFO: ecdh-sha2-nistp384 is not available.
INFO: ecdh-sha2-nistp521 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: ecdsa-sha2-nistp256 is not available.
INFO: ecdsa-sha2-nistp384 is not available.
INFO: ecdsa-sha2-nistp521 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO: kex: server: ssh-rsa
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: none
INFO: kex: server: none
INFO: kex: server:
INFO: kex: server:
INFO: kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
INFO: kex: client: ssh-rsa,ssh-dss
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client:
INFO: kex: client:
INFO: Disconnecting from ftp.servername port 22
com.jcraft.jsch.JSchException: Algorithm negotiation fail
As you can see, the server offers these ciphers:
INFO: kex: server: aes256-cbc,aes192-cbc
But JSch accepts only these:
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
There's no common cipher to choose from.
Note that JSch does support both aes256-cbc and aes192-cbc, but requires JCE (Java Cryptography Extension) to allow them.
You probably do not have JCE, so these ciphers are not available. That's why there's
INFO: aes256-cbc is not available.
Download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 (or other version if not using JDK 1.8).
See also an answer to The cipher 'aes256-cbc' is required, but it is not available.
这篇关于JSch算法协商失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!