Closed Pratappatil1992 closed 8 years ago
The 1.5.4 update introduced new key exchanges.
You can workaround the issue for now by setting a different preferred key exchange.
con.getContext().setPreferredKeyExchange(Ssh2Context.KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256);
To help us diagnose the issue can you tell me what JVM vendor and version you are using and whether the problem is intermittent or if every attempt to connect generates the exception.
I am using Oracle Corporation JVM Vendor and Java version "1.8.0_77" Java(TM) SE Runtime Environment (build 1.8.0_77-b03) Java HotSpot(TM) 64-Bit Server VM (build 25.77-b03, mixed mode)
And it gives me an exception for every attempt to connect.
As per you suggested me to use by setting a different preferred key exchange.
con.getContext().setPreferredKeyExchange(Ssh2Context.KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256);
I tried with provided options but still I getting below exception.
com.sshtools.ssh.SshException: java.lang.SecurityException [com.sshtools.ssh.SshException]
at com.sshtools.ssh.SshConnector.connect(SshConnector.java:322)
at com.sshtools.ssh.SshConnector.connect(SshConnector.java:192)
at com.infiverve.flint.connector.ssh2.SSH2Service.onRequest(SSH2Service.java:196)
at com.infiverve.flint.sdk.connectors.FlintConnectorBase.lambda$start$0(FlintConnectorBase.java:84)
at io.vertx.core.eventbus.impl.EventBusImpl$HandlerRegistration.handle(EventBusImpl.java:1108)
at io.vertx.core.eventbus.impl.EventBusImpl.lambda$doReceive$189(EventBusImpl.java:755)
at io.vertx.core.impl.ContextImpl.lambda$wrapTask$15(ContextImpl.java:314)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:357)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:357)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:111)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.sshtools.ssh.SshException: java.lang.SecurityException
at com.sshtools.ssh.components.jce.DiffieHellmanGroupExchangeSha1.performClientExchange(DiffieHellmanGroupExchangeSha1.java:322)
at com.sshtools.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1165)
at com.sshtools.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1541)
at com.sshtools.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:353)
at com.sshtools.ssh2.Ssh2Client.connect(Ssh2Client.java:140)
at com.sshtools.ssh.SshConnector.connect(SshConnector.java:316)
... 10 more
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:114)
at javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:270)
at com.sshtools.ssh.components.jce.DiffieHellmanGroupExchangeSha1.performClientExchange(DiffieHellmanGroupExchangeSha1.java:192)
... 15 more
Caused by: java.util.jar.JarException: file:/home/pratap/flint/connectors/flint-ssh2-connector/target/flint-ssh-connector-1.0.0.0-all.jar has unsigned entries - flint-ssh-connector.json
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:464)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:160)
at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:186)
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:110)
at javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:270)
at com.sshtools.ssh.components.jce.DiffieHellmanGroup14Sha1.performClientExchange(DiffieHellmanGroup14Sha1.java:119)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sshtools.ssh.components.jce.JCEComponentManager.testKeyExchangeAlgorithm(JCEComponentManager.java:543)
at com.sshtools.ssh.components.jce.JCEComponentManager.initializeKeyExchangeFactory(JCEComponentManager.java:357)
at com.sshtools.ssh.components.ComponentManager.init(ComponentManager.java:155)
at com.sshtools.ssh.components.ComponentManager.getInstance(ComponentManager.java:94)
at com.sshtools.ssh2.Ssh2Context.
This is because your trying to create a uber jar with all the dependencies. The BouncyCastle JCE provider is signed and unpacking and including in an uber jar breaks this so the Java runtime will not load the BC classes because they are not signed.
There is no way around this other than to ship the BC jar file separately.
Yes when I exclude BouncyCastle dependency from your 1.5.4 version lib and shipped the BC jar file separately and It is working well.
<dependency>
<groupId>com.sshtools</groupId>
<artifactId>j2ssh-maverick</artifactId>
<exclusions>
<exclusion> <!-- declare the exclusion here -->
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
<version>1.5.4</version>
</dependency>
Thank you for your support :)
The original error you had should now be fixed with the default settings working for Java 1.8 JCE. Its still advisable to include Bouncycastle for large DH prime support over 2048 bits.
Hello, Greetings !!. I am facing issue to connect to remote SSH server with your latest version 1.5.4 and previously With version 1.5.3 my code is working well but when I updated version of to 1.5.4 it started to give me error
Code Snippet:
SshConnector con = SshConnector.createInstance(); con.getContext().setHostKeyVerification(new ConsoleKnownHostsKeyVerification()); SocketTransport sc = new SocketTransport("192.168.2.19", 22); SshClient ssh = con.connect(sc, "pratap");
I am Using below Maven Dependency.
Below is stack trace of Error.
com.sshtools.ssh.SshException: Failed to process key exchange [java.security.InvalidKeyException] [com.sshtools.ssh.SshException] at com.sshtools.ssh.SshConnector.connect(SshConnector.java:322) at com.sshtools.ssh.SshConnector.connect(SshConnector.java:169) at com.infiverve.flint.connector.ssh2.SSH2Service.enable(SSH2Service.java:66) at com.infiverve.flint.sdk.connectors.FlintConnectorBase.start(FlintConnectorBase.java:43) at io.vertx.core.AbstractVerticle.start(AbstractVerticle.java:111) at io.vertx.core.impl.DeploymentManager.lambda$doDeploy$169(DeploymentManager.java:407) at io.vertx.core.impl.ContextImpl.lambda$wrapTask$15(ContextImpl.java:314) at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:357) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:357) at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:111) at java.lang.Thread.run(Thread.java:745) Caused by: com.sshtools.ssh.SshException: Failed to process key exchange [java.security.InvalidKeyException] at com.sshtools.ssh.components.jce.DiffieHellmanEcdh.performClientExchange(DiffieHellmanEcdh.java:132) at com.sshtools.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1165) at com.sshtools.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1541) at com.sshtools.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:353) at com.sshtools.ssh2.Ssh2Client.connect(Ssh2Client.java:140) at com.sshtools.ssh.SshConnector.connect(SshConnector.java:316) ... 10 more Caused by: java.security.InvalidKeyException: Not an EC key: ECDH at sun.security.ec.ECKeyFactory.checkKey(ECKeyFactory.java:121) at sun.security.ec.ECKeyFactory.toECKey(ECKeyFactory.java:90) at sun.security.ec.ECDHKeyAgreement.engineInit(ECDHKeyAgreement.java:67) at javax.crypto.KeyAgreement.implInit(KeyAgreement.java:346) at javax.crypto.KeyAgreement.chooseProvider(KeyAgreement.java:378) at javax.crypto.KeyAgreement.init(KeyAgreement.java:470) at javax.crypto.KeyAgreement.init(KeyAgreement.java:441) at com.sshtools.ssh.components.jce.DiffieHellmanEcdh.performClientExchange(DiffieHellmanEcdh.java:86)