You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I'm using your cool lib to connect to several SFTP server and it works fine, never had a problem.
Now I have to connect to a WINDOWS AXWAY MFT, and doing the same thing as the other connection, it does not work.
I asked for a log to the counterpart and they say that the logs show "Signature verification request with an invalid algorithm identifier (0(unknown))".
My log is:
2024-02-26 16:32:36,259 [http-nio-9080-exec-4] INFO n.s.s.t.r.JCERandom - Creating new SecureRandom.
2024-02-26 16:32:36,260 [http-nio-9080-exec-4] DEBUG n.s.s.t.r.JCERandom - Random creation took 0 ms
2024-02-26 16:32:36,267 [http-nio-9080-exec-4] DEBUG n.s.s.DefaultConfig - Available Ciphers [chacha20-poly1305@openssh.com, aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, 3des-cbc, 3des-ctr, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr, twofish-cbc, arcfour, arcfour128, arcfour256]
2024-02-26 16:32:36,296 [http-nio-9080-exec-4] INFO n.s.s.t.TransportImpl - Client identity string: SSH-2.0-SSHJ_0.38.0
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO c.h.s.t.IdentificationStringParser - Server identification has bad line ending, was expecting a '\r\n' however got: 's' (hex: 73)
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO c.h.s.t.IdentificationStringParser - Will treat the identification of this server 'SSH-2.0-XFB.Gateway Windows' leniently
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO n.s.s.t.TransportImpl - Server identity string: SSH-2.0-XFB.Gateway Windows
2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.s.t.KeyExchanger - Initiating key exchange
2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to null
2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.s.t.KeyExchanger - Sending SSH_MSG_KEXINIT
2024-02-26 16:32:36,417 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to SOME
2024-02-26 16:32:36,417 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:36,449 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received SSH_MSG_KEXINIT
2024-02-26 16:32:36,450 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Negotiated algorithms: [ kex=diffie-hellman-group-exchange-sha1; sig=ssh-rsa; c2sCipher=aes128-cbc; s2cCipher=aes128-cbc; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none; ]
2024-02-26 16:32:36,450 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Trying to verify algorithms with com.earnext.leecher.service.DownloadSftp$1@254d1bb2
2024-02-26 16:32:42,218 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO c.e.l.c.EarnextController - Negotiated algorithms [ kex=diffie-hellman-group-exchange-sha1; sig=ssh-rsa; c2sCipher=aes128-cbc; s2cCipher=aes128-cbc; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none; ]
2024-02-26 16:32:52,020 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Sending KEX_DH_GEX_REQUEST
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received kex followup data
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Got message KEXDH_31
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Received server p bitlength 2048
2024-02-26 16:32:52,074 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Sending KEX_DH_GEX_INIT
2024-02-26 16:32:52,181 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received kex followup data
2024-02-26 16:32:52,181 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Got message KEX_DH_GEX_REPLY
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Trying to verify host key with net.schmizz.sshj.transport.verification.PromiscuousVerifier@2b8ae16b
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Sending SSH_MSG_NEWKEYS
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received SSH_MSG_NEWKEYS
2024-02-26 16:32:52,206 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to null
2024-02-26 16:32:52,206 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to SOME
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.s.SSHClient - Key exchange took 15.791 seconds
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to null
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.s.t.TransportImpl - Sending SSH_MSG_SERVICE_REQUEST for ssh-userauth
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:52,274 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.TransportImpl - Setting active service to ssh-userauth
2024-02-26 16:32:52,274 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to SOME
2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to null
2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.s.u.UserAuthImpl - Trying publickey auth...
2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.s.u.m.AuthPublickey - Attempting authentication using com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile@194a0105
2024-02-26 16:32:52,275 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.UserAuthImpl - Asking publickey method to handle USERAUTH_60 packet
2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.m.AuthPublickey - Key acceptable, sending signed request
2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.m.AuthPublickey - Attempting authentication using com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile@194a0105
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO n.s.s.t.TransportImpl - Received SSH_MSG_DISCONNECT (reason=HOST_NOT_ALLOWED_TO_CONNECT, msg=ssh disconnect host not allowed to connect)
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] ERROR n.s.s.t.TransportImpl - Dying because - ssh disconnect host not allowed to connect
net.schmizz.sshj.transport.TransportException: ssh disconnect host not allowed to connect
at net.schmizz.sshj.transport.TransportImpl.gotDisconnect(TransportImpl.java:548)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:500)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:113)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:200)
at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO n.s.s.t.TransportImpl - Disconnected - HOST_NOT_ALLOWED_TO_CONNECT
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Got notified of net.schmizz.sshj.transport.TransportException: [HOST_NOT_ALLOWED_TO_CONNECT] ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.UserAuthImpl - Notified of net.schmizz.sshj.transport.TransportException: [HOST_NOT_ALLOWED_TO_CONNECT] ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.TransportImpl - Setting active service to null-service
2024-02-26 16:32:52,361 [http-nio-9080-exec-4] ERROR n.s.c.Promise - <> woke to: net.schmizz.sshj.userauth.UserAuthException: ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to SOME
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.Reader - Stopping
2024-02-26 16:32:52,361 [http-nio-9080-exec-4] ERROR c.e.l.c.EarnextController - Exhausted available authentication methods
UPDATE:
I try another lib jsch and I had the same problem, but it seems my couterpart use ssh-rsa for server host key and pubkey accepted algorithms so adding this fix the problem.
The code is:
jschSession.setConfig("server_host_key", "ssh-rsa," + jschSession.getConfig("server_host_key"));
jschSession.setConfig("PubkeyAcceptedAlgorithms", "ssh-rsa,ssh-dss," + jschSession.getConfig("PubkeyAcceptedAlgorithms"))
```;
I'm wondering if there is a similiar thing in sshj or a way to prioritize ssh-rsa in the list
The text was updated successfully, but these errors were encountered:
Hello,
I'm using your cool lib to connect to several SFTP server and it works fine, never had a problem.
Now I have to connect to a WINDOWS AXWAY MFT, and doing the same thing as the other connection, it does not work.
I asked for a log to the counterpart and they say that the logs show "Signature verification request with an invalid algorithm identifier (0(unknown))".
My log is:
2024-02-26 16:32:36,259 [http-nio-9080-exec-4] INFO n.s.s.t.r.JCERandom - Creating new SecureRandom.
2024-02-26 16:32:36,260 [http-nio-9080-exec-4] DEBUG n.s.s.t.r.JCERandom - Random creation took 0 ms
2024-02-26 16:32:36,267 [http-nio-9080-exec-4] DEBUG n.s.s.DefaultConfig - Available Ciphers [chacha20-poly1305@openssh.com, aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, 3des-cbc, 3des-ctr, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr, twofish-cbc, arcfour, arcfour128, arcfour256]
2024-02-26 16:32:36,296 [http-nio-9080-exec-4] INFO n.s.s.t.TransportImpl - Client identity string: SSH-2.0-SSHJ_0.38.0
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO c.h.s.t.IdentificationStringParser - Server identification has bad line ending, was expecting a '\r\n' however got: 's' (hex: 73)
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO c.h.s.t.IdentificationStringParser - Will treat the identification of this server 'SSH-2.0-XFB.Gateway Windows' leniently
2024-02-26 16:32:36,413 [http-nio-9080-exec-4] INFO n.s.s.t.TransportImpl - Server identity string: SSH-2.0-XFB.Gateway Windows
2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.s.t.KeyExchanger - Initiating key exchange
2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to
null2024-02-26 16:32:36,415 [http-nio-9080-exec-4] DEBUG n.s.s.t.KeyExchanger - Sending SSH_MSG_KEXINIT
2024-02-26 16:32:36,417 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to
SOME2024-02-26 16:32:36,417 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:36,449 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received SSH_MSG_KEXINIT
2024-02-26 16:32:36,450 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Negotiated algorithms: [ kex=diffie-hellman-group-exchange-sha1; sig=ssh-rsa; c2sCipher=aes128-cbc; s2cCipher=aes128-cbc; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none; ]
2024-02-26 16:32:36,450 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Trying to verify algorithms with com.earnext.leecher.service.DownloadSftp$1@254d1bb2
2024-02-26 16:32:42,218 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO c.e.l.c.EarnextController - Negotiated algorithms [ kex=diffie-hellman-group-exchange-sha1; sig=ssh-rsa; c2sCipher=aes128-cbc; s2cCipher=aes128-cbc; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none; ]
2024-02-26 16:32:52,020 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Sending KEX_DH_GEX_REQUEST
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received kex followup data
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Got message KEXDH_31
2024-02-26 16:32:52,050 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Received server p bitlength 2048
2024-02-26 16:32:52,074 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Sending KEX_DH_GEX_INIT
2024-02-26 16:32:52,181 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received kex followup data
2024-02-26 16:32:52,181 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.k.DHGexSHA1 - Got message KEX_DH_GEX_REPLY
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Trying to verify host key with net.schmizz.sshj.transport.verification.PromiscuousVerifier@2b8ae16b
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Sending SSH_MSG_NEWKEYS
2024-02-26 16:32:52,205 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Received SSH_MSG_NEWKEYS
2024-02-26 16:32:52,206 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to
null2024-02-26 16:32:52,206 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to
SOME2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.s.SSHClient - Key exchange took 15.791 seconds
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to
null2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.s.t.TransportImpl - Sending SSH_MSG_SERVICE_REQUEST for ssh-userauth
2024-02-26 16:32:52,206 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:52,274 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.TransportImpl - Setting active service to ssh-userauth
2024-02-26 16:32:52,274 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to
SOME2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Setting <> to
null2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.s.u.UserAuthImpl - Trying
publickeyauth...2024-02-26 16:32:52,274 [http-nio-9080-exec-4] DEBUG n.s.s.u.m.AuthPublickey - Attempting authentication using com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile@194a0105
2024-02-26 16:32:52,275 [http-nio-9080-exec-4] DEBUG n.s.c.Promise - Awaiting <>
2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.UserAuthImpl - Asking
publickeymethod to handle USERAUTH_60 packet2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.m.AuthPublickey - Key acceptable, sending signed request
2024-02-26 16:32:52,305 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.m.AuthPublickey - Attempting authentication using com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile@194a0105
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO n.s.s.t.TransportImpl - Received SSH_MSG_DISCONNECT (reason=HOST_NOT_ALLOWED_TO_CONNECT, msg=ssh disconnect host not allowed to connect)
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] ERROR n.s.s.t.TransportImpl - Dying because - ssh disconnect host not allowed to connect
net.schmizz.sshj.transport.TransportException: ssh disconnect host not allowed to connect
at net.schmizz.sshj.transport.TransportImpl.gotDisconnect(TransportImpl.java:548)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:500)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:113)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:200)
at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] INFO n.s.s.t.TransportImpl - Disconnected - HOST_NOT_ALLOWED_TO_CONNECT
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.KeyExchanger - Got notified of net.schmizz.sshj.transport.TransportException: [HOST_NOT_ALLOWED_TO_CONNECT] ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.u.UserAuthImpl - Notified of net.schmizz.sshj.transport.TransportException: [HOST_NOT_ALLOWED_TO_CONNECT] ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.TransportImpl - Setting active service to null-service
2024-02-26 16:32:52,361 [http-nio-9080-exec-4] ERROR n.s.c.Promise - <> woke to: net.schmizz.sshj.userauth.UserAuthException: ssh disconnect host not allowed to connect
2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.c.Promise - Setting <> to
SOME2024-02-26 16:32:52,361 [sshj-Reader-/91.240.166.106:1022-1708961556413] DEBUG n.s.s.t.Reader - Stopping
2024-02-26 16:32:52,361 [http-nio-9080-exec-4] ERROR c.e.l.c.EarnextController - Exhausted available authentication methods
UPDATE:
I try another lib jsch and I had the same problem, but it seems my couterpart use ssh-rsa for server host key and pubkey accepted algorithms so adding this fix the problem.
The code is:
The text was updated successfully, but these errors were encountered: