sshj/sftp unable to reach settlement even though BouncyCastle is loade - Enhance your coding expertise with iklen on @onlycoders.net

1 year ago

#353656

iklen

sshj/sftp unable to reach settlement even though BouncyCastle is loaded

I am trying to upload some file to a server using custom sshj/sftp fat jar. However I am stuck on a problem where dependency is reporting that it is unable to reach a settlement.

USAGE:

java -jar ...

NOTE: This works on one server, but does not work on the other. Both servers have identical ciphers configured in sshd_config.

Bouncy Castle provider is available
net.schmizz.sshj.transport.TransportException: Unable to reach a settlement: [diffie-hellman-group1-sha1, diffie-hellman-group-exchange-sha1] and [curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1]
        at net.schmizz.sshj.transport.Proposal.firstMatch(Proposal.java:145)
        at net.schmizz.sshj.transport.Proposal.negotiate(Proposal.java:127)
        at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:227)
        at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:359)
        at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:509)
        at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:107)
        at net.schmizz.sshj.transport.Decoder.received(Decoder.java:175)
        at net.schmizz.sshj.transport.Reader.run(Reader.java:60)

I have added BouncyCastle as a provider:

Security.addProvider(new BouncyCastleProvider());
if (Security.getProvider("BC") == null){
   System.out.println("Bouncy Castle provider is NOT available");
}
else{
    System.out.println("Bouncy Castle provider is available");
}

This is excerpt from gradle build file:

sourceCompatibility = 1.8

repositories {
    mavenCentral()
}

task copyShadowLibs(type: Copy) {
    from configurations.shadow
    into 'build/libs'
}

dependencies {
    implementation('commons-cli:commons-cli:1.5.0')
    implementation('com.jcraft:jzlib:1.1.3')
    implementation('org.slf4j:slf4j-api:1.7.7')
    implementation('org.slf4j:slf4j-nop:1.7.7')
    implementation('com.hierynomus:sshj:0.16.0')
    shadow 'org.bouncycastle:bcprov-jdk15to18:1.67'
}

shadowJar {
    manifest {
        attributes 'Main-Class': 'some_main_class'
    }
    archiveFileName = "${project.name}.jar"
}

shadowJar.dependsOn(copyShadowLibs)

I am out of ideas what to check - could be ssh version or something else entirely..

java

sftp

bouncycastle

0 Answers

Your Answer

Posts

Questions

Blogs

Jobs