Hi,
Log file is attached. The difference between two connections are only the
order of ciphers:
First session mac.s2c is --> hmac-sha1,hmac-sha1-96,hmac-md5-96,hmac-md5
Second session mac.s2c --> hmac-sha1-96,hmac-md5-96,hmac-md5,hmac-sha1
Only difference seems to be the order. I understand that server may not
support hmac-sha1-96, but it also does not try hmac-sha1 which is also in
list and is successfully connected in first session.
Thanks again,
Nazli
2010/8/23 Atsuhiko Yamanaka <[email protected]>
> Hi,
>
> +-From: =?ISO-8859-9?B?bmF6bP0gZ/xuZPx6?= <[email protected]> --
> |_Date: Mon, 23 Aug 2010 11:27:13 +0300 ______________________________
> |
> |What is this list used for? It represents the list of algorithms that we
> |support for session but if the first item on the list is not supported
> by
> |the ssh server than we get an exception and jar file does *not* continue
> |trying second item.
>
> |For instance: Jsch supports below default config for "cipher.s2c":
>
> |*aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
> |*
> |but I want to use the "*aes128-cbc*" as default, and if ssh server does
> not
> |support this algorithm, want to use "*3des-cbc*":
> |session.setConfig("cipher.s2c", "aes128-cbc,3des-cbc");
> |Using code above I get "*com.jcraft.jsch.JSchException:
> SSH_MSG_DISCONNECT:
> |2 Packet corrupt*" exception when the server does not support aes128-cbc
> but
> |supports 3des-cbc. (when the order of the configuration changes as
> |3des-cbc, aes128-cbc; I can have a successful connection)
>
> It is a curious result. Can you enable the Logger like
> http://www.jcraft.com/jsch/examples/Logger.java
>
>
> Sincerely,
> --
> Atsuhiko Yamanaka
> JCraft,Inc.
> 1-14-20 HONCHO AOBA-KU,
> SENDAI, MIYAGI 980-0014 Japan.
> Tel +81-22-723-2150
> +1-415-578-3454
> Skype callto://jcraft/
> Twitter: @ymnk
>
--
Nazli
INFO: Connecting to 47.168.58.63 port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-OpenSSH_4.3
INFO: Local version string: SSH-2.0-JSCH-0.1.42
INFO: CheckCiphers:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: arcfour256 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server->client aes128-ctr hmac-sha1-96 none
INFO: kex: client->server aes128-ctr hmac-sha1-96 none
INFO: SSH_MSG_KEX_DH_GEX_REQUEST(1024<1024<1024) sent
INFO: expecting SSH_MSG_KEX_DH_GEX_GROUP
INFO: SSH_MSG_KEX_DH_GEX_INIT sent
INFO: expecting SSH_MSG_KEX_DH_GEX_REPLY
INFO: ssh_rsa_verify: signature true
WARN: Permanently added '47.168.58.63' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: Disconnecting from 47.168.58.63 port 22
com.jcraft.jsch.JSchException: SSH_MSG_DISCONNECT: 2 Packet corrupt
at com.jcraft.jsch.Session.read(Session.java:892)
at com.jcraft.jsch.UserAuthNone.start(UserAuthNone.java:56)
at com.jcraft.jsch.Session.connect(Session.java:344)
at com.jcraft.jsch.Session.connect(Session.java:150)
at
com.nortelnetworks.mcp.base.io.FTPUtils.SFTPSession.login(SFTPSession.java:92)
at
com.nortelnetworks.mcp.ne.share.format.ftpmgmt.SFTPSessionInfo.sftpLogin(SFTPSessionInfo.java:155)
at
com.nortelnetworks.mcp.ne.share.format.ftpmgmt.SFTPSessionInfo.initSession(SFTPSessionInfo.java:108)
at
com.nortelnetworks.mcp.ne.share.format.ftpmgmt.FileTransferTask.initializeDestinations(FileTransferTask.java:223)
at
com.nortelnetworks.mcp.ne.share.format.ftpmgmt.FileTransferTask.handleTransferFileEvent(FileTransferTask.java:171)
at
com.nortelnetworks.mcp.ne.share.format.ftpmgmt.TransferFileEvent.handle(TransferFileEvent.java:51)
at
com.nortelnetworks.mcp.base.task.SimpleTask.handle(SimpleTask.java:26)
at com.nortelnetworks.mcp.base.task.Task.processEvents(Task.java:707)
at com.nortelnetworks.mcp.base.task.Task.run(Task.java:541)
at com.nortelnetworks.mcp.base.task.TaskRunner.run(TaskRunner.java:84)
at java.lang.Thread.run(Thread.java:619)
INFO: Connecting to 47.168.58.63 port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-OpenSSH_4.3
INFO: Local version string: SSH-2.0-JSCH-0.1.42
INFO: CheckCiphers:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: arcfour256 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server->client aes128-ctr hmac-sha1 none
INFO: kex: client->server aes128-ctr hmac-sha1 none
INFO: SSH_MSG_KEX_DH_GEX_REQUEST(1024<1024<1024) sent
INFO: expecting SSH_MSG_KEX_DH_GEX_GROUP
INFO: SSH_MSG_KEX_DH_GEX_INIT sent
INFO: expecting SSH_MSG_KEX_DH_GEX_REPLY
INFO: ssh_rsa_verify: signature true
WARN: Permanently added '47.168.58.63' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: publickey,keyboard-interactive,password
INFO: Next authentication method: publickey
INFO: Authentications that can continue: keyboard-interactive,password
INFO: Next authentication method: keyboard-interactive
INFO: Authentication succeeded (keyboard-interactive).------------------------------------------------------------------------------
This SF.net email is sponsored by
Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
