Why does JSch work on a Linux system, but not on Windows?

Question

I created a Java program that has to make a SSH connection and execute ls on an Linux archive.

It works fine when I run this code on a Linux system using JSch. However, I try to make the program run on a Windows machine, it exits without any message at session.connect().

Using Log4j, the only thing I do know is, that it stops at the session.connect() line.

Is there a difference in using Jsch from Linux and Windows?

Below is the code for the connection.

public void openSession() {

    JSch jsch = new JSch();

    try {
        session = jsch.getSession(user, host, port);
        session.setPassword(password);
        session.setConfig("StrictHostKeyChecking", "no");
        System.out.println("Establishing Connection...");
        logger.info("Establishing Connection...");
        session.connect();
        System.out.println("Connection established.");
        logger.info("Connection established.");
        System.out.println("Creating SFTP Channel.");
        logger.info("Connection established.");
        sftpChannel = (ChannelSftp) session.openChannel("sftp");
        sftpChannel.connect();
        System.out.println("SFTP Channel created.");
        logger.info("SFTP Channel created.");
    } catch (JSchException e) {
        StringWriter errors = new StringWriter();
        e.printStackTrace(new PrintWriter(errors));
        logger.error(errors);
        logger.error(e.getCause());
    }

}

Here is the exception, that seems to cause the issue:

Exception in thread "main" java.lang.ExceptionInInitializerError
        at java.base/javax.crypto.Cipher.getInstance(Cipher.java:548)
        at com.jcraft.jsch.jce.AES256CTR.init(AES256CTR.java:56)
        at com.jcraft.jsch.Session.checkCipher(Session.java:2497)
        at com.jcraft.jsch.Session.checkCiphers(Session.java:2474)
        at com.jcraft.jsch.Session.send_kexinit(Session.java:624)
        at com.jcraft.jsch.Session.connect(Session.java:307)
        at com.jcraft.jsch.Session.connect(Session.java:183)
        at controller.SshFileHandler.openSession(SshFileHandler.java:241)
        at controller.SshFileHandler.<init>(SshFileHandler.java:50)
        at controller.MainController.selectDataSource(MainController.java:69)
        at controller.MainController.run(MainController.java:42)
        at controller.Application.main(Application.java:22)
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
        at java.base/javax.crypto.JceSecurity.<clinit>(JceSecurity.java:119)
        ... 12 more
Caused by: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited
        at java.base/javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:333)
        at java.base/javax.crypto.JceSecurity$1.run(JceSecurity.java:110)
        at java.base/javax.crypto.JceSecurity$1.run(JceSecurity.java:107)
        at java.base/java.security.AccessController.doPrivileged(AccessController.java:569)
        at java.base/javax.crypto.JceSecurity.<clinit>(JceSecurity.java:106)
        ... 12 more

You may need to debug into `connect` method to find out what is happening. — talex, Oct 11 '22 at 11:22
Jsch works on a Windows machine. Have you checked your logs for any errors? — Stultuske, Oct 11 '22 at 11:24
BTW most logging APIs support one liner form `logger.error("Some message", e);` to avoid you writing such verbose exception handlers. — DuncG, Oct 11 '22 at 11:52
I would probably try it with Putty on Windows with the same credentials — g00se, Oct 11 '22 at 12:07
@Stultuske thats the sad thing. the logs don't get any message from connect() running into whatever exception. All it gives me is "14:15:17.324 [main] INFO controller.SshFileHandler - Establishing Connection..." — KayB, Oct 11 '22 at 12:11
have you debugged and checked the values of host, port user, password, ... have you then tried with those manually? — Stultuske, Oct 11 '22 at 12:20
Just to avoid your wasting time, don't expect Jsch to give you debug on connect. At most (if its Logger is INFO-enabled) it will report what host and port it's connecting to. Try Putty first — g00se, Oct 11 '22 at 12:32
I'm not quite sure how all that will help if the JSch classes are barely using that logger, irrespective of *where* it logs to: ```JSch.getLogger().log(Logger.INFO, "Connecting to " + host + " port " + port);``` And there's no more *until* the connection is established. The OP already knows the host and port — g00se, Oct 11 '22 at 13:55
If the logs imply that there's a connectivity problem, debug it as a connectivity problem -- pull out your packet sniffer of choice and look at the network traffic going over the wire. Once you've proven that there's a valid TCP connection made but the library isn't completing the handshake, _then_ come back; but the easy answer is that one of your machines has working connectivity, and the other does not -- whether that's the operating system's firewall rules or a routing issue or something else. — Charles Duffy, Oct 11 '22 at 20:23
Yes firewall is a good candidate for a problem but I think it's going to be a lot easier to use a client that displays verbose connecting rather than going down to the packet level — g00se, Oct 11 '22 at 21:55
I added a screen shot of an exception that seems to be the root of all evil. — KayB, Oct 12 '22 at 08:37
Please add the exception as code formatted text, not as a screenshot. The error in the screenshot seems to indicate your Java install is broken and/or has incorrect manual modifications to its security config. I'd recommend uninstalling Java, and reinstalling it. I guess the error means the `unlimited` directory is missing or incomplete inside `conf\security\policy` of your Java install. — Mark Rotteveel, Oct 12 '22 at 08:41
@MarkRotteveel I was able to catch it before the console window closed and added the exception text to OP. I don't have Java installed for this project. On the Windows machine I provide an .exe made with [launch4j](https://launch4j.sourceforge.net/). It points to a directory that has the lib and bin folder of Java JRE according to that post. [how-to-bundle-a-jre-with-launch4j](https://stackoverflow.com/questions/7071133/how-to-bundle-a-jre-with-launch4j) — KayB, Oct 12 '22 at 09:14
The use of launch4j seems pretty pertinent information that you have to include in your question. This would suggest that the bundled JRE generated by launch4j is incomplete (i.e. not having a complete `conf\security`) or corrupted. — Mark Rotteveel, Oct 12 '22 at 09:21
@MarkRotteveel Oh my god, you are a life saver! I downloaded the JDK again did replace everything in the JRE path, that launch4j directs the .exe to and now it runs \o/. Can be closed. — KayB, Oct 12 '22 at 09:41

Why does JSch work on a Linux system, but not on Windows?

0 Answers0