0

I'm trying to create jar for sftp. I use SSHJ (0.23.0) and everything is fine on test server, but the problem is when I try to run it on production server.

Java version on my production server is 7u60.

SSHJ Log:

net.schmizz.sshj.transport.TransportException: **Unable to reach a settlement: [diffie-hellman-group1-sha1] and [curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1]** at net.schmizz.sshj.transport.Proposal.firstMatch(Proposal.java:165)      
        at net.schmizz.sshj.transport.Proposal.negotiate(Proposal.java:147)
at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:239)
        at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:364)
        at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:478)
        at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127)
        at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195)
        at net.schmizz.sshj.transport.Reader.run(Reader.java:72)

This is similar question, but this guy started using Jsch.

Jsch (in my case 0.1.54, Java 7u60) also works fine on test server, but in production server it gives me following exceptions:

Jsch log:

com.jcraft.jsch.JSchException: Algorithm negotiation fail
        at com.jcraft.jsch.Session.receive_kexinit(Session.java:520)
        at com.jcraft.jsch.Session.connect(Session.java:286)
        at com.jcraft.jsch.Session.connect(Session.java:150)

I hope someone can help me.

byxor
  • 5,930
  • 4
  • 27
  • 44
Jozo Petrovic
  • 1
  • 2

1 Answers1

0

It seems that SSHJ is configured to only use the diffie-hellman-group1-sha key exchange algorithm, whereas your server supports a bunch of them, but not that one.

If you've not done that explicitly, the most likely reason is that you've either not loaded BouncyCastle, or the high-strength cryptography extensions are not loaded in your Java VM.

Hiery Nomus
  • 17,429
  • 2
  • 41
  • 37