org.apache.commons.vfs2.FileSystemException: 无法连接到SFTP服务器

huangapple
go评论112阅读模式
英文:

org.apache.commons.vfs2.FileSystemException: Could not connect to SFTP server

问题

我正在尝试使用vfs2连接器连接到一个SFTP主机,该连接器在内部使用jsch。然而,当我尝试连接时,我得到以下异常:

12:50:31.747  INFO  o.a.c.v.p.sftp.SftpClientFactory - 连接到<host>端口<port>
12:50:32.074  INFO  o.a.c.v.p.sftp.SftpClientFactory - 连接已建立
12:50:32.376  INFO  o.a.c.v.p.sftp.SftpClientFactory - 远程版本字符串:SSH-2.0-OpenSSH_7.4
12:50:32.376  INFO  o.a.c.v.p.sftp.SftpClientFactory - 本地版本字符串:SSH-2.0-JSCH-0.1.54
...
12:50:34.205  INFO  o.a.c.v.p.sftp.SftpClientFactory - 断开与<host>端口<port>的连接
12:50:34.243  ERROR c.s.saw.export.SFTPUploader - IO SFTP错误:
org.apache.commons.vfs2.FileSystemException:无法连接到位于"sftp://<user>@<host>:<port>/"的SFTP服务器。
...
Caused by: com.jcraft.jsch.JSchException:算法协商失败
...

我参考了一些博客和Stack Overflow链接,并尝试了多种方法。但仍然没有得到任何成功的结果。我还尝试了多个版本的vfs2和jsch,但都没有成功。

以下是我参考过的一些链接:

https://stackoverflow.com/questions/6263630/jschexception-algorithm-negotiation-fail

https://stackoverflow.com/questions/30846076/jsch-algorithm-negotiation-fail

https://dzone.com/articles/install-java-cryptography-extension-jce-unlimited

https://stackoverflow.com/questions/17989883/the-cipher-aes256-cbc-is-required-but-it-is-not-available#20072135

请问有人能帮我解决这个问题吗?

英文:

I'm trying to connect to a SFTP host using vfs2 connector, which internally uses jsch.
However, when I try to connect, I get the following exception:

12:50:31.747  INFO  o.a.c.v.p.sftp.SftpClientFactory - Connecting to &lt;host&gt; port &lt;port&gt;
12:50:32.074  INFO  o.a.c.v.p.sftp.SftpClientFactory - Connection established
12:50:32.376  INFO  o.a.c.v.p.sftp.SftpClientFactory - Remote version string: SSH-2.0-OpenSSH_7.4
12:50:32.376  INFO  o.a.c.v.p.sftp.SftpClientFactory - Local version string: SSH-2.0-JSCH-0.1.54
12:50:32.376  INFO  o.a.c.v.p.sftp.SftpClientFactory - CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
12:50:33.489  INFO  o.a.c.v.p.sftp.SftpClientFactory - CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
12:50:34.192  INFO  o.a.c.v.p.sftp.SftpClientFactory - CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - SSH_MSG_KEXINIT sent
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - SSH_MSG_KEXINIT received
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
12:50:34.203  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: none,zlib@openssh.com
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: none,zlib@openssh.com
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: 
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: server: 
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: none
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: none
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: 
12:50:34.204  INFO  o.a.c.v.p.sftp.SftpClientFactory - kex: client: 
12:50:34.205  INFO  o.a.c.v.p.sftp.SftpClientFactory - Disconnecting from &lt;host&gt; port &lt;port&gt;
12:50:34.243  ERROR c.s.saw.export.SFTPUploader - IO SFTP Error: 
org.apache.commons.vfs2.FileSystemException: Could not connect to SFTP server at &quot;sftp://&lt;user&gt;@&lt;host&gt;:&lt;port&gt;/&quot;.
	at org.apache.commons.vfs2.provider.sftp.SftpFileProvider.createSession(SftpFileProvider.java:72)
	at org.apache.commons.vfs2.provider.sftp.SftpFileProvider.doCreateFileSystem(SftpFileProvider.java:93)
	at org.apache.commons.vfs2.provider.AbstractOriginatingFileProvider.getFileSystem(AbstractOriginatingFileProvider.java:93)
	at org.apache.commons.vfs2.provider.AbstractOriginatingFileProvider.findFile(AbstractOriginatingFileProvider.java:72)
	at org.apache.commons.vfs2.provider.AbstractOriginatingFileProvider.findFile(AbstractOriginatingFileProvider.java:56)
	at org.apache.commons.vfs2.impl.DefaultFileSystemManager.resolveFile(DefaultFileSystemManager.java:717)
	at org.apache.commons.vfs2.impl.DefaultFileSystemManager.resolveFile(DefaultFileSystemManager.java:654)
	at com.synchronoss.saw.export.SFTPUploader.uploadFile(SFTPUploader.java:99)
	at com.synchronoss.saw.export.SFTPUploader.main(SFTPUploader.java:134)
Caused by: org.apache.commons.vfs2.FileSystemException: Could not connect to SFTP server at &quot;&lt;host&gt;&quot;.
	at org.apache.commons.vfs2.provider.sftp.SftpClientFactory.createConnection(SftpClientFactory.java:163)
	at org.apache.commons.vfs2.provider.sftp.SftpFileProvider.createSession(SftpFileProvider.java:65)
	... 8 common frames omitted
Caused by: com.jcraft.jsch.JSchException: Algorithm negotiation fail
	at com.jcraft.jsch.Session.receive_kexinit(Session.java:590)
	at com.jcraft.jsch.Session.connect(Session.java:320)
	at com.jcraft.jsch.Session.connect(Session.java:183)
	at org.apache.commons.vfs2.provider.sftp.SftpClientFactory.createConnection(SftpClientFactory.java:161)
	... 9 common frames omitted

I referred to a few blogs and stackoverflow links and tried multiple things. Still I'm not getting any successful result. Also, tried multiple versions of vfs2 and jsch with no avail.

Here are some of the links I referred:

https://stackoverflow.com/questions/6263630/jschexception-algorithm-negotiation-fail

https://stackoverflow.com/questions/30846076/jsch-algorithm-negotiation-fail

https://dzone.com/articles/install-java-cryptography-extension-jce-unlimited

https://stackoverflow.com/questions/17989883/the-cipher-aes256-cbc-is-required-but-it-is-not-available#20072135

Can someone please help me with this?

答案1

得分: 1

Your server supports only these MACs:

hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com

Those are not supported by JSch.

If you need to connect with JSch, you will have to configure your server to allow some MACs that JSch does support:

hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96

Use the MACs directive in sshd_config.

Though hmac-sha2-*-etm@openssh.com and hmac-sha2-* are possibly just aliases. So configuring JSch appropriately may help too:

config.put("hmac-sha2-256-etm@openssh.com", "com.jcraft.jsch.jce.HMACSHA256");

But I'm not sure if the vfs2 interface allows such configuration.

英文:

Your server supports only these MACs:

hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com

Those are not supported by JSch.

If you need to connect with JSch, you will have to configure your server to allow some MACs that JSch does support:

hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96

Use the MACs directive in sshd_config.

Though hmac-sha2-*-etm@openssh.com and hmac-sha2-* are possibly just aliases. So configuring JSch appropriately may help too:

config.put(&quot;hmac-sha2-256-etm@openssh.com&quot;, &quot;com.jcraft.jsch.jce.HMACSHA256&quot;);

But I'm not sure, if vfs2 interface allows such configuration.

huangapple
  • 本文由 发表于 2020年5月29日 15:59:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/62081282.html
  • java
  • jsch
  • openssl
  • sftp
  • ssh
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定