norrisjeremy
commented
1 year ago Hi @vyu-talend,
I suspect you are hitting a bug with the server software (XLight FTP Server version 3.8.3.6.2).
According to their release notes, they denote the following bugfix in their 3.8.8.5 release:
Fixed a bug in selecting group size for SSH Diffie-Hellman Group Exchange.The exception being thrown occurs while JSch is attempting to process an SSH_MSG_DISCONNECT that the server is sending back (see Session.java:1262).
I'm not sure what exactly the nature of their bug is, but if you are unable to upgrade the server software, then you probably will need to remove the diffie-hellman-group-exchange-sha1 KEX algorithm from your JSch config (or put it after diffie-hellman-group1-sha1).
Thanks, Jeremy
vyu-talend
OLeh125
Hello, After I upgrade the jsch jar from 0.1.55 to 0.2.1, I got this error: java.lang.ArrayIndexOutOfBoundsException: arraycopy: last source index 262220 out of bounds for byte[20480] at java.base/java.lang.System.arraycopy(Native Method) at com.jcraft.jsch.Buffer.getByte(Buffer.java:148) at com.jcraft.jsch.Buffer.getString(Buffer.java:188) at com.jcraft.jsch.Session.read(Session.java:1262) at com.jcraft.jsch.Session.connect(Session.java:337) at com.jcraft.jsch.Session.connect(Session.java:194) at local_project.sftptest_0_1.sftpTest.tFTPConnection_2Process(sftpTest.java:570) at local_project.sftptest_0_1.sftpTest.runJobInTOS(sftpTest.java:1252) at local_project.sftptest_0_1.sftpTest.main(sftpTest.java:951)
This is my logs Jsch_0.2.1_logs.txt
I've read the issue #228, and the suggestion is execute
JSch.setConfig("kex", ...)method a single time. And I do have the method in my codes execute many times, like this:com.jcraft.jsch.JSch.setConfig("kex", "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256");com.jcraft.jsch.JSch.setConfig("server_host_key", "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");com.jcraft.jsch.JSch.setConfig("cipher.s2c", "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com");com.jcraft.jsch.JSch.setConfig("cipher.c2s", "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com");com.jcraft.jsch.JSch.setConfig("mac.s2c", "hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512");com.jcraft.jsch.JSch.setConfig("mac.c2s","hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512");The reason that I add those algorithms is because I need to keep my applications works fine after I upgrade the jsch.jar from 0.1.55 to 0.2.1. After my testing, it solved lot of issues like "Algorithms negotiation failed".
Do you have any idea how to solve this error? If my approach to keep previous applications works fine is not the best, do you have suggestion about it? Thanks in advanced!