
We have a build script that uses the Ant <scp> task to upload files to a Mac server. This has been working fine for a year or more with the server running OSX 10.8 (Mountain Lion), but we recently upgraded it to OSX 10.11 (El Capitan) and now the <scp> task fails with this exception:

com.jcraft.jsch.JSchException: Algorithm negotiation fail

Switching on verbose mode, the log looks like this:

[scp] Connecting to **SERVER-ADDRESS**:2220
[scp] Connecting to **SERVER-ADDRESS** port 2220
[scp] Connection established
[scp] Remote version string: SSH-2.0-OpenSSH_6.9
[scp] Local version string: SSH-2.0-JSCH-0.1.51
[scp] CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
[scp] CheckKexes: diffie-hellman-group14-sha1
[scp] diffie-hellman-group14-sha1 is not available.
[scp] SSH_MSG_KEXINIT sent
[scp] SSH_MSG_KEXINIT received
[scp] kex: server: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
[scp] kex: server: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
[scp] kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
[scp] kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
[scp] kex: server: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[scp] kex: server: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[scp] kex: server: none,zlib@openssh.com
[scp] kex: server: none,zlib@openssh.com
[scp] kex: server:
[scp] kex: server:
[scp] kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
[scp] kex: client: ssh-rsa,ssh-dss
[scp] kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
[scp] kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
[scp] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
[scp] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
[scp] kex: client: none
[scp] kex: client: none
[scp] kex: client:
[scp] kex: client:
[scp] Disconnecting from **SERVER-ADDRESS** port 2220

So the problem is that a single algorithm is not supported by both client and server, as discussed in this similar SO post: JSchException: Algorithm negotiation fail and various other places. However, from the logs it looks to me like the client and server do both support at least one algorithm, namely "aes128-ctr":

[scp] kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

and

[scp] kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc

So I don't understand why they can't negotiate an algorithm, but even so I went ahead and installed the JCE Unlimited Strength Jurisdiction Policy files, as suggested in that other SO question - you can see in the above line that the client supports 256-bit algorithms now. That doesn't make a difference, presumably because the server supports "aes256-ctr" and the client supports "aes256-cbc". But I still don't understand why it can't use "aes128-ctr".

Note that the client machine is running Windows, so based on something I read elsewhere (can't remember exactly where), I have also tried clearing PuTTY's cache of SSH keys - that also made no difference (not that I was expecting it to - I'm just trying stuff now...).

Frustratingly, it looks like this SO post - Algorithm negotiation fail deploying iOS app in OSX "El Capitan" - deals with the same issue, and there was a resolution, but the answerer just says that the problem is fixed in his product without explaining what the fix was, and I don't have enough reputation to post a comment asking for more detail.

limegreen

1 Answer


Algorithm negotiation is not only about ciphers, but also about key exchange and MACs. You don't have any common key exchange algorithm:

[scp] kex: server: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
[scp] kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1

The client set is really small. You will probably have to allow additional Kex methods on the client side.

Jakuje
  • Thanks for the quick and informative reply! For anyone reading this in the future, it turned out that upgrading to JSch 0.1.53 fixed this, because it supports more kex methods – limegreen Jan 31 '16 at 20:40
  • I wanted to propose the update, but saw you have 0.1.52 so I thought there would not be a big difference. Next time smarter. Glad to help. – Jakuje Jan 31 '16 at 20:41
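A way to see which of the ten KEXINIT name-lists actually fails, as an added example (Python; not JSch code and not from the question or the answer): it parses the `kex: server:` / `kex: client:` lines of a JSch verbose log and applies the RFC 4253 rule of taking the first client algorithm that the server also offers, so a shared cipher like aes128-ctr is found but the missing key-exchange method is reported. The sample log is a constructed, shortened copy of the question's lines; the field names are my own.

```python
import re
# The ten name-lists of SSH_MSG_KEXINIT, in the order JSch's verbose log prints
# them (RFC 4253 section 7.1): kex, host key, then client->server/server->client pairs.
FIELDS = ["kex", "hostkey", "cipher_c2s", "cipher_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
LINE_RE = re.compile(r"kex: (server|client): ?(.*)$")
def parse_proposals(log):
    """Return {"server": {field: [algs]}, "client": {...}} from a verbose log."""
    lists = {"server": [], "client": []}
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            lists[m.group(1)].append([a for a in m.group(2).split(",") if a])
    return {side: dict(zip(FIELDS, algs)) for side, algs in lists.items()}
def negotiate(client, server):
    """Per field, the first client algorithm the server also offers (the
    RFC 4253 selection rule); None means that field cannot be negotiated."""
    return {f: next((a for a in client.get(f, []) if a in server.get(f, [])), None)
            for f in FIELDS}
def failed_fields(result):
    """Fields whose failure aborts the handshake (empty language lists are fine)."""
    return [f for f in FIELDS if result[f] is None and not f.startswith("lang")]

# Constructed sample: shortened versions of the lines from the question's log.
SAMPLE_LOG = """\
[scp] kex: server: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1
[scp] kex: server: ssh-rsa,ssh-ed25519
[scp] kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr
[scp] kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr
[scp] kex: server: hmac-sha2-256,hmac-sha1
[scp] kex: server: hmac-sha2-256,hmac-sha1
[scp] kex: server: none,zlib@openssh.com
[scp] kex: server: none,zlib@openssh.com
[scp] kex: server:
[scp] kex: server:
[scp] kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
[scp] kex: client: ssh-rsa,ssh-dss
[scp] kex: client: aes128-ctr,aes128-cbc,3des-cbc
[scp] kex: client: aes128-ctr,aes128-cbc,3des-cbc
[scp] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256
[scp] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256
[scp] kex: client: none
[scp] kex: client: none
[scp] kex: client:
[scp] kex: client:
"""
if __name__ == "__main__":
    p = parse_proposals(SAMPLE_LOG)
    print(failed_fields(negotiate(p["client"], p["server"])))  # ['kex']
```

Because the client's preference order decides, the MAC picked here is hmac-sha1 even though the server lists hmac-sha2-256 first; widening the client's kex list (what the JSch upgrade did) is what makes the handshake succeed.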