1

I am trying to connect to a SFTP server from cygwin. Using JSCH 1.54 When I connect from a standalone class in eclipse or compile and run the same class is CYGWIN I can connect to the server. But I am not able to connect to the server from within the application. I get algorithm negotiation failure. Below are the logs that I get when I connect to the server.

LOGS IN CYGWIN COMMAND LINE

Also, this is the log that I get when I try to connect to the server from CYGWIN from within the application. It shows that the Ciphers are not available. I dont understand how is this possible when it can connect to the same server in one case and not in the other.

    [exec] INFO: Local version string: SSH-2.0-JSCH-0.1.54
     [exec] {} <Dec 24, 2017 3:42:54 AM GMT> < WARN> <Thread-43> <QWLogUtil>: Remote version string: SSH-2.0-OpenSSH_5.0p1+sftpfilecontrol-v1.2-hpn13v1 
      <QWLogUtil>: Local version string: SSH-2.0-JSCH-0.1.54
     [exec] INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
     <QWLogUtil>: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
     [exec] INFO: aes256-ctr is not available.
     [exec] INFO: aes192-ctr is not available.
      <QWLogUtil>: aes256-ctr is not available.
     [exec] INFO: aes128-ctr is not available.
     [exec] INFO: aes256-cbc is not available.
      <QWLogUtil>: aes192-ctr is not available.
     [exec] INFO: aes192-cbc is not available.
     [exec] INFO: aes128-cbc is not available.
      <QWLogUtil>: aes128-ctr is not available.
     [exec] INFO: 3des-ctr is not available.
      <QWLogUtil>: aes256-cbc is not available.
      <QWLogUtil>: aes192-cbc is not available.
      <QWLogUtil>: aes128-cbc is not available.
      <QWLogUtil>: 3des-ctr is not available.
     [exec] INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
      <QWLogUtil>: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
     [exec] INFO: diffie-hellman-group14-sha1 is not available.
     [exec] INFO: ecdh-sha2-nistp256 is not available.
      <QWLogUtil>: diffie-hellman-group14-sha1 is not available.
     [exec] INFO: ecdh-sha2-nistp384 is not available.
     [exec] INFO: ecdh-sha2-nistp521 is not available.
      <QWLogUtil>: ecdh-sha2-nistp256 is not available.
      <QWLogUtil>: ecdh-sha2-nistp384 is not available.
      <QWLogUtil>: ecdh-sha2-nistp521 is not available.
     [exec] INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
      <QWLogUtil>: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
     [exec] INFO: ecdsa-sha2-nistp256 is not available.
     [exec] INFO: ecdsa-sha2-nistp384 is not available.
      <QWLogUtil>: ecdsa-sha2-nistp256 is not available.
     [exec] INFO: ecdsa-sha2-nistp521 is not available.
      <QWLogUtil>: ecdsa-sha2-nistp384 is not available.
      <QWLogUtil>: ecdsa-sha2-nistp521 is not available.
     [exec] INFO: SSH_MSG_KEXINIT sent
      <QWLogUtil>: SSH_MSG_KEXINIT sent
     [exec] INFO: SSH_MSG_KEXINIT received
      <QWLogUtil>: SSH_MSG_KEXINIT received
     [exec] INFO: kex: server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
     [exec] INFO: kex: server: ssh-rsa,ssh-dss
      <QWLogUtil>: kex: server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
     [exec] INFO: kex: server: aes128-ctr,aes192-ctr,aes256-ctr
     [exec] INFO: kex: server: aes128-ctr,aes192-ctr,aes256-ctr
      <QWLogUtil>: kex: server: ssh-rsa,ssh-dss
     [exec] INFO: kex: server: hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com
     [exec] INFO: kex: server: hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com
      <QWLogUtil>: kex: server: aes128-ctr,aes192-ctr,aes256-ctr
     [exec] INFO: kex: server: none,zlib@openssh.com
     [exec] INFO: kex: server: none,zlib@openssh.com
      <QWLogUtil>: kex: server: aes128-ctr,aes192-ctr,aes256-ctr 
      <QWLogUtil>: kex: server: hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com
      <QWLogUtil>: kex: server: hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com
      <QWLogUtil>: kex: server: none,zlib@openssh.com
     [exec] INFO: kex: client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
      <QWLogUtil>: kex: server: none,zlib@openssh.com
     [exec] INFO: kex: client: ssh-rsa,ssh-dss
     [exec] INFO: kex: client: 3des-cbc,blowfish-cbc
     [exec] INFO: kex: client: 3des-cbc,blowfish-cbc
      <QWLogUtil>: kex: client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
     [exec] INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
     [exec] INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
      <QWLogUtil>: kex: client: ssh-rsa,ssh-dss
      <QWLogUtil>: kex: client: 3des-cbc,blowfish-cbc
     [exec] INFO: kex: client: none
      <QWLogUtil>: kex: client: 3des-cbc,blowfish-cbc
     [exec] INFO: kex: client: none
      <QWLogUtil>: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
      <QWLogUtil>: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
      <QWLogUtil>: kex: client: none
     [exec] INFO: Disconnecting from SERVER.com port 22
      <QWLogUtil>: Disconnecting from SERVER.com port 22
     [exec] com.jcraft.jsch.JSchException: Algorithm negotiation fail
Bipin Karkee
  • 43
  • 7
  • Post the log as text, not as an image! – Martin Prikryl Dec 24 '17 at 08:05
  • @MartinPrikryl I checked the link you mentioned too. I am running this on CYGWIN. I put the JCE(local_policy.jar and US_export_policy.jar in the security folder in jre1.4, which is what I need to use. I compiled my project and ran it I got the same error. I also added the same to cygwin/lib/security to see if this works, that did not either. But within the same environment(CYGWIN), I can make a connection from a standalone class. But the same code within the application does not work. – Bipin Karkee Dec 25 '17 at 16:24
  • OK, so post [mcve]. – Martin Prikryl Dec 25 '17 at 17:48
  • Also you reference to Cygwin is pretty ambiguous. Sometimes your wording suggests that you run *the client* on Cygwin. Sometimes you refer to *the server*. – Martin Prikryl Dec 25 '17 at 17:50
  • @MartinPrikryl thanks but I solved the issue by adding java.security.Security.addProvider(new com.sun.crypto.provider.SunJCE()); this in the code. For some reason, the enterprise application could not access the JCE files without that line from the jre. – Bipin Karkee Jan 11 '18 at 19:59

0 Answers0