mwiede / jsch

fork of the popular jsch library

"Could not connect to server" dependent on Jsch version and FTP key #559

Open JDBC-0 opened 1 month ago

JDBC-0 commented 1 month ago

For a new external FTP account we received a key file that worked with FileZilla but not with Apache VFS. After long trial-and-error sessions we concluded: by updating Jsch 0.1.55 from jCraft to the new mwiede Jsch 0.2.17, the connection worked with the new key.

But all the other FTP connections with key files failed. Reverting back to JSch 0.155, all the old FTP connections work but the new FTP connection with the new key file does not work.

=> we assume that Jsch 0.1.55 is too old to support latest crypto parts (hash methods?) and Jsch 0.2.17 threw out old crypto parts (hash methods?) that are now missing to support the old keys. Is this accurate?

Is there a way to re-enable those old/unsupported/unsecure security parts (hash methods) in JSch 0.2.17 so that new and old keys still work all together?

JDBC-0 commented 1 month ago

As stated in https://github.com/mwiede/jsch#FAQ , additional

```java
com.jcraft.jsch.JSch.setConfig("server_host_key", com.jcraft.jsch.JSch.getConfig("server_host_key") + ",ssh-rsa");
com.jcraft.jsch.JSch.setConfig("PubkeyAcceptedAlgorithms", com.jcraft.jsch.JSch.getConfig("PubkeyAcceptedAlgorithms") + ",ssh-rsa");
```

worked for some test cases. The question is whether "ssh-rsa" is the only algorithm that needs to be re-enabled for all FTP accounts with key files?

And: how long will this re-enabling be supported in upcoming JSch versions?
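The snippet above changes the process-wide defaults, so every connection then accepts `ssh-rsa`. As an added example (not part of the thread and not the project's own code), the same two settings can be applied per `Session` only for the hosts that still need them; the host names, user name and the `LEGACY_HOSTS` allow-list are constructed for illustration.

```java
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import java.util.Arrays;
import java.util.Set;

public class LegacySshRsaScope {
    // Hypothetical allow-list (constructed): hosts whose keys still require ssh-rsa.
    private static final Set<String> LEGACY_HOSTS = Set.of("old-sftp.example.com");

    // Append an algorithm to a comma-separated config value unless it is already
    // listed, so repeated calls do not produce "...,ssh-rsa,ssh-rsa".
    static String withAlgorithm(String current, String algorithm) {
        if (current == null || current.isEmpty()) {
            return algorithm;
        }
        boolean present = Arrays.asList(current.split(",")).contains(algorithm);
        return present ? current : current + "," + algorithm;
    }

    // Create (but do not connect) a session; only allow-listed hosts get ssh-rsa,
    // appended last so it is the least preferred choice.
    static Session openSession(JSch jsch, String user, String host, int port)
            throws JSchException {
        Session session = jsch.getSession(user, host, port);
        if (LEGACY_HOSTS.contains(host)) {
            for (String key : new String[] {"server_host_key", "PubkeyAcceptedAlgorithms"}) {
                // Session.getConfig falls back to the JSch-wide value when the
                // session has no override of its own.
                session.setConfig(key, withAlgorithm(session.getConfig(key), "ssh-rsa"));
            }
        }
        return session;
    }

    public static void main(String[] args) throws JSchException {
        JSch jsch = new JSch();
        Session legacy = openSession(jsch, "demo", "old-sftp.example.com", 22);
        Session modern = openSession(jsch, "demo", "new-sftp.example.com", 22);
        // The legacy session's list ends with ssh-rsa; the other keeps the defaults.
        System.out.println("legacy: " + legacy.getConfig("PubkeyAcceptedAlgorithms"));
        System.out.println("modern: " + modern.getConfig("PubkeyAcceptedAlgorithms"));
    }
}
```

Neither session is connected here, so the program runs offline and only prints the effective algorithm lists.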