JSch算法协商失败

Question

JSch算法协商失败

我尝试通过Java连接SFTP服务器.

我收到了一个错误.

com.jcraft.jsch.JSchException:算法协商失败

这是POM:

<dependency>
            <groupId>com.jcraft</groupId>
            <artifactId>jsch</artifactId>
            <version>0.1.53</version>
</dependency>

Run Code Online (Sandbox Code Playgroud)

这是日志:

INFO: Connecting to **"FTP ADRESS"** port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-Maverick_SSHD
INFO: Local version string: SSH-2.0-JSCH-0.1.53
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: ecdh-sha2-nistp256 is not available.
INFO: ecdh-sha2-nistp384 is not available.
INFO: ecdh-sha2-nistp521 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: ecdsa-sha2-nistp256 is not available.
INFO: ecdsa-sha2-nistp384 is not available.
INFO: ecdsa-sha2-nistp521 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO: kex: server: ssh-rsa
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: none
INFO: kex: server: none
INFO: kex: server: 
INFO: kex: server: 
INFO: kex: client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO: kex: client: ssh-rsa,ssh-dss
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client: 
INFO: kex: client: 
INFO: Disconnecting from "FTP ADRESS" port 22

Run Code Online (Sandbox Code Playgroud)

我得到了这个错误,我试图修复.我无法访问SFTP服务器来下载或更新任何文件或其他...

我可以通过FileZilla连接服务器,但我无法通过Java实现.

连接代码:

JSch jsch = new JSch();
Properties config = new Properties();
config.put("cipher.s2c", 
           "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
config.put("cipher.c2s",
           "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
config.put("kex", "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256");
Session jschSession = jsch.getSession("username","server",22);

jschSession.setConfig("StrictHostKeyChecking", "no");
jschSession.setPassword("password");
jschSession.setConfig(config);
jschSession.connect();

Run Code Online (Sandbox Code Playgroud)

当我添加

config.put("cipher.s2c", 
           "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");

Run Code Online (Sandbox Code Playgroud)

日志是这样的

INFO: Connecting to ftp.servername port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-Maverick_SSHD
INFO: Local version string: SSH-2.0-JSCH-0.1.53
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: ecdh-sha2-nistp256 is not available.
INFO: ecdh-sha2-nistp384 is not available.
INFO: ecdh-sha2-nistp521 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: ecdsa-sha2-nistp256 is not available.
INFO: ecdsa-sha2-nistp384 is not available.
INFO: ecdsa-sha2-nistp521 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
INFO: kex: server: ssh-rsa
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: aes256-cbc,aes192-cbc
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: hmac-sha1,hmac-sha1-96
INFO: kex: server: none
INFO: kex: server: none
INFO: kex: server: 
INFO: kex: server: 
INFO: kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
INFO: kex: client: ssh-rsa,ssh-dss
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client: 
INFO: kex: client: 
INFO: Disconnecting from ftp.servername port 22
com.jcraft.jsch.JSchException: Algorithm negotiation fail

Run Code Online (Sandbox Code Playgroud)

Answer 1

Mar*_*ryl 11

如您所见,服务器提供以下密码:

信息:kex:服务器:aes256-cbc,aes192-cbc

但是JSch只接受这些:

信息:kex:客户:aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc

没有通用的密码可供选择.

请注意,JSch确实支持aes256-cbc和aes192-cbc,但需要JCE(Java Cryptography Extension)来允许它们.

您可能没有JCE,因此这些密码不可用.这就是原因

信息:aes256-cbc不可用.

下载Java Cryptography Extension(JCE)Unlimited Strength Jurisdiction Policy Files 8(如果不使用JDK 1.8,则为其他版本).

另请参阅密码'aes256-cbc'的答案,但它不可用.

归档时间：	10 年，3 月前
查看次数：	19827 次
最近记录：	7 年前