Thanks for the pointers.
Now when I run my program, I get the following info message ..
diffie-hellman-group14-sha1 is not available.
Code Snippet...
JSch jsch=new JSch();
Hashtable<String,String> cipherList = new Hashtable<String,String>( );
cipherList.put("kex", "diffie-hellman-group14-sha1");
cipherList.put("diffie-hellman-group14-sha1", "com.jcraft.jsch.DHG14");
...
JSch.setConfig( cipherList );
...
Run Program...
INFO: Remote version string: SSH-2.0-OpenSSH_4.3
INFO: Local version string: SSH-2.0-JSCH-0.1.45
INFO: CheckCiphers:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: CheckKexes: diffie-hellman-group14-sha1
INFO: diffie-hellman-group14-sha1 is not available.
INFO: Disconnecting from 192.168.1.6 port 22
com.jcraft.jsch.JSchException: There are not any available kexes.
at com.jcraft.jsch.Session.send_kexinit(Session.java:576)
at com.jcraft.jsch.Session.connect(Session.java:278)
at com.jcraft.jsch.Session.connect(Session.java:154)
at SshLogger.main(SshLogger.java:83)
com.jcraft.jsch.JSchException: There are not any available kexes.
So why is it saying that kex is not available? Is this expected? I have not
included the boucycastle library yet.
How do I then override the SunJCE provider to use the bouncycastle JCE provider?
Thanks for any guidance.
-Jeff
On Dec 29, 2010, at 9:01 AM, Atsuhiko Yamanaka wrote:
> Hi,
>
> +-From: Jeff Russell <[email protected]> --
> |_Date: Sat, 25 Dec 2010 22:54:27 -0500 ___
> |
> |Is there any way to get jsch to work with the key exchange cipher of
> |diffie-hellman-group14-sha1? Right now it only seems to support
> |diffie-hellman-group-exchange-sha1, and diffie-hellman-group1-sha1.
>
> It seems that it has been defined since draft-ietf-secsh-transport-19[1]
> and RFC4253[2] has clearly stated it is required to be supported.
> Frankly to say, I had not recognized it. That is my fault.
>
> I have tried to implemented it, and here is a working version,
> http://www.jcraft.com/jsch/jsch-0.1.45-rc1.zip
>
> Unfortunately, group14 requires Diffie-Hellman 2048 length key,
> and SunJCE provider included in Sun's(or Oracle's) JDK does not support such
> a long key.
> I have confirmed that jsch-0.1.45-rc1 with BouncyCastle[3]'s JCE provider
> will
> support diffie-hellman-group14-sha1.
>
> FYI, jsch-0.1.45 will automagically check the availability of
> 'diffie-hellman-group14-sha1' on the running environment,
> and if it is not available, it will be ignored.
>
> [1] http://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-19.txt
> [2] http://tools.ietf.org/html/rfc4253
> [3] http://www.bouncycastle.org/
>
>
> Sincerely,
> --
> Atsuhiko Yamanaka
> JCraft,Inc.
> 1-14-20 HONCHO AOBA-KU,
> SENDAI, MIYAGI 980-0014 Japan.
> Tel +81-22-723-2150
> +1-415-578-3454
> Skype callto://jcraft/
> Twitter: http://twitter.com/ymnk
'Life isn't about how to survive the storm, But how to dance in the rain.'
------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
