Error while SSH to remote machine + Unable to settlmenet

[naveenduttvyas]

HI shikhar, I am getting this message disabling high strenght ciphers but still getting below error: please suggest

07-16-2014;03:16:34.297 [QuartzScheduler_Worker-2] INFO c.b.i.client.util.SCPUploader - ################ loaded Known hosts ################## 07-16-2014;03:16:34.299 [QuartzScheduler_Worker-2] INFO n.s.sshj.transport.TransportImpl - Client identity string: SSH-2.0-SSHJ_0_8_1_SNAPSHOT 07-16-2014;03:16:34.333 [QuartzScheduler_Worker-2] INFO n.s.sshj.transport.TransportImpl - Server identity string: SSH-2.0-OpenSSH_6.2 07-16-2014;03:16:34.344 [reader] ERROR n.s.sshj.transport.TransportImpl - Dying because - net.schmizz.sshj.transport.TransportException: Unable to reach a settlement: [] and [aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-gcm@openssh.com, aes256-gcm@openssh.com, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se] 07-16-2014;03:16:34.347 [reader] INFO n.s.sshj.transport.TransportImpl - Disconnected - UNKNOWN 07-16-2014;03:16:34.350 [QuartzScheduler_Worker-2] ERROR net.schmizz.concurrent.Promise - <> woke to: net.schmizz.sshj.transport.TransportException: Unable to reach a settlement: [] and [aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-gcm@openssh.com, aes256-gcm@openssh.com, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se] 07-16-2014;03:16:34.350 [QuartzScheduler_Worker-2] ERROR c.b.i.client.util.SCPUploader - Unable to reach a settlement: [] and [aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-gcm@openssh.com, aes256-gcm@openssh.com, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se] 07-16-2014;03:16:34.351 [QuartzScheduler_Worker-2] INFO n.s.sshj.transport.TransportImpl - Disconnected - BY_APPLICATION 07-16-2014;03:16:34.352 [QuartzScheduler_Worker-2] INFO n.s.sshj.transport.TransportImpl - Disconnected - BY_APPLICATION

I have used below code to :+1:

    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
   String server = "aws-server-1";
   String dest = "/opt/tomcat/webapps/harviewer-2.0-15/HARFiles/";
   String user = "userme";//resourceBundle.getString("ftp.user.name")
   File privateKey = new File("/home/userme/.ssh/id_rsa");// ;
  // String keyProviderDir = "/home/ipapp/.ssh/id_rsa";
    log.info("################ Connection Params are set : -  ##################");

     SSHClient ssh = new SSHClient();

    try {

    ssh.loadKnownHosts();
    log.info("################ loaded Known hosts  ##################");
    ssh.connect(server);
    log.info("################ ssh.connect to server done! will load keys now  ##################");
    KeyProvider kp = null;
    KeyProvider keys = null;
    try {
        //kp = ssh.loadKeys(keyProviderDir);
        keys = ssh.loadKeys(privateKey.getPath());
        log.info("################ Connection Successful  ##################");
        log.info("Connected to the server " + server);
        log.info("System user is " + System.getProperty("user.name"));
        log.info("Key Provider Type is: " + kp.getType());
        log.info("Authenticating as..." + user);
    } catch (Exception e) {
        log.info("################ Error occurred while loading keys  ##################");
        e.printStackTrace();

    }

[hierynomus]

Could you add DEBUG logging? The "unable to reach a settlement" means that the server and client could not determine which encryption cipher to use, because they didn't specify any protocol they have in common. It seems like the client supports nothing, whereas the server supports a lot of ciphers.

[hierynomus]

@naveenduttvyas Have you loaded the unlimited strength Java Cryptography Extensions (JCE)? If not try that.

[hierynomus]

Also see #121

[hierynomus]

Closing this due to inactivity, workaround should be to load the JCE extensions.