我已经添加了Java无限策略文件并阅读了其他发帖者在这里询问的解决方案,但仍然无法解决我的问题。
- 升级至 JSch 0.1.54
- 安装了 UnlimitedJCEPolicy 文件。
C:\Program Files\Java\jdk1.7.0_21\jre\lib\security。 我已验证 NetBeans 正在使用此 jdk 实例。
我能够连接防火墙上设置的 SSH key 交换组 dh-group1-sha1,但是当我将其更改为 SSH key 交换组 dh-group14-sha1 时,我收到以下错误:
Caused by: com.jcraft.jsch.JSchException: Algorithm negotiation fail
at com.jcraft.jsch.Session.receive_kexinit(Session.java:590)
at com.jcraft.jsch.Session.connect(Session.java:320)
at com.jcraft.jsch.Session.connect(Session.java:183)
我按如下方式创建 JSch session :
Properties config = new Properties();
config.put("kex", "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256");
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
session.connect();
我已经遵循了其他问题的解决方案,但迄今为止无法解决这个问题。请帮忙。
这是来自服务器的日志文件。
SSH: host key initialised
SSH1: starting SSH control process
SSH1: Exchanging versions - SSH-1.99-Cisco-1.25
SSH1: send SSH message: outdata is NULL
server version string:SSH-1.99-Cisco-1.25
SSH1: receive SSH message: 83 (83)
SSH1: client version is - SSH-2.0-JSCH-0.1.54
client version string:SSH-2.0-JSCH-0.1.54
SSH2 1: SSH2_MSG_KEXINIT sent
SSH2 1: SSH2_MSG_KEXINIT received
SSH2: kex: client->server aes128-ctr hmac-md5 none
SSH2: kex: server->client aes128-ctr hmac-md5 none
SSH2 0: kex algo not supported: client diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchan
SSH2 1: ssh: kex_choose_conf errorSSH1: Session disconnected by SSH server - error 0x00 "Internal error"
这是 JSch 日志:
INFO: Connection established
INFO: Remote version string: SSH-1.99-Cisco-1.25
INFO: Local version string: SSH-2.0-JSCH-0.1.54
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group14-sha1
INFO: kex: server: ssh-rsa
INFO: kex: server: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
INFO: kex: server: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
INFO: kex: server: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
INFO: kex: server: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
INFO: kex: server: none
INFO: kex: server: none
INFO: kex: server:
INFO: kex: server:
INFO: kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO: kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client:
INFO: kex: client:
最佳答案
显然您需要为“diffie-hellman-group14-sha1”使用 JDK 8。
查看JSch.java static block :
config.put("diffie-hellman-group14-sha1",
"com.jcraft.jsch.DHG14"); // available since JDK8.
关于java - JSch 0.1.54 dh-group14-sha1 算法协商失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40537119/