Adam McCormick Adam McCormick - 1 month ago 31
Java Question

J2SSH - Add Key Exchange Algorithm

I am trying to SCP a file from my application to a server using j2ssh. The remote server is running TECTIA.

From the command line (Solaris machine where my app is deployed) the scp works fine using the key pair we exchanged.

From my application, j2ssh can not make a connection, throwing the exception:

Caused by: com.sshtools.j2ssh.transport.TransportProtocolException: The connection did not complete


The debug logs from j2ssh show the following:

com.sshtools.j2ssh.transport.TransportProtocolCommon.beginKeyExchange(Unknown Source) | Starting key exchange
com.sshtools.j2ssh.transport.TransportProtocolCommon.determineAlgorithm(Unknown Source) | Determine Algorithm
com.sshtools.j2ssh.transport.TransportProtocolCommon.determineAlgorithm(Unknown Source) | Client Algorithms: [diffie-hellman-group1-sha1]
com.sshtools.j2ssh.transport.TransportProtocolCommon.determineAlgorithm(Unknown Source) | Server Algorithms: [diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1]
com.sshtools.j2ssh.transport.TransportProtocolCommon.sendMessage(Unknown Source) | Sending SSH_MSG_DISCONNECT
com.sshtools.j2ssh.transport.TransportProtocolCommon.run(Unknown Source) | The Transport Protocol has been stopped


From the above I can see above that there is no matching algorithm for the key exchange between my app and the server (debugging actually shows that the root of this problem is a
AlgorithmNotAgreedException
when no server and client algorithm match so I know this is the root cause).

How can I add new algorithms to j2ssh so it can find a match? The j2ssh documentation is pretty sparse.

Answer

You should have a sshtools.xml file in the j2ssh distribution. In that file you can add an additional ExtensionAlgorithm entry to map diffie-hellman-group14-sha1 to com.maverick.ssh.components.jce.DiffieHellmanGroup14Sha1 (or to com.maverick.ssh.components.standalone.DiffieHellmanGroup14Sha1)