JSchException: Algorithm negotiation fail

Marek Dominiak picture Marek Dominiak · Jun 7, 2011 · Viewed 116.8k times · Source

I am trying to connect to remote sftp server over ssh with JSch (0.1.44-1) but during "session.connect();" I am getting this exception:

com.jcraft.jsch.JSchException: Algorithm negotiation fail at 
com.jcraft.jsch.Session.receive_kexinit(Session.java:529) at 
com.jcraft.jsch.Session.connect(Session.java:291) at com.jcraft.jsch.Session.connect(Session.java:154)
... 

Logs from JSch:

INFO: Connecting to xx.xx.xx.xxport 22 
INFO: Connection established 
INFO: Remote version string: SSH-2.0-WeOnlyDo 2.0.6 
INFO: Local version string: SSH-2.0-JSCH-0.1.44 
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available. 
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available. 
INFO: aes192-cbc is not available.
INFO: arcfour256 is not available. 
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received 
INFO: Disconnecting from xx.xx.xx.xx port 22 

I am able to log in to remote server with linux sftp command. I was trying to find any kind of clue in the internet but I failed.

Debug output from linux sftp command:

OpenSSH_5.5p1-DAM_1.2, OpenSSL 0.9.8r 8 Feb 201

debug1: Reading configuration data /etc/DAM/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for *.*
debug1: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /**/spv_id_rsa.key type -1
debug1: identity file /**/spv_id_rsa.key-cert type -1
debug1: Remote protocol version 2.0, remote software version WeOnlyDo 2.0.6
debug1: no match: WeOnlyDo 2.0.6
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1-DAM_1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-cbc hmac-md5 none
debug1: kex: client->server aes256-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'xx.xx.xx.xx' is known and matches the RSA host key.
debug1: Found key in ~/.ssh/known_hosts:8
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /**/spv_id_rsa.key
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending subsystem: sftp
Connected to xx.xx.xx.xx.
sftp>

Answer

Pace picture Pace · Jun 7, 2011

There are a couple of places that SSH clients and servers try and agree on a common implementation. Two I know of are encryption and compression. The server and client produce a list of available options and then the best available option in both lists is chosen.

If there is no acceptable option in the lists then it fails with the error you got. I'm guessing from the debug output here but it looks like the only server options for encryption are "aes256-cbc hmac-md5 none".

JSch doesn't do hmac-md5 and aes256-cbc is disabled because of your Java policy files. Two things you could try are...

  1. To increase the available encryption libraries on the server, install unrestricted policy files on your client, enabling aes256-cbc (make sure the message saying it is disabled goes away, those policy files are notoriously easy to install on the wrong JVM) from the site:

    For JDK 1.6: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

    For JDK 1.7: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

    For JDK 1.8: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

  2. or try and disable encryption.

The first is ideal if you have access to the server (trust me aes128-cbc is plenty of encryption), but the second is easy enough to quickly test out the theory.