Skip to content

ganymed-ssh2-262.jar issue: Key exchange was not finished #12

New issue
New issue
Open
Open
ganymed-ssh2-262.jar issue: Key exchange was not finished#12
@bndeshpande

Description

@bndeshpande
bndeshpande
opened on Jun 24, 2024

Hi,

I'm facing this issue when I am trying to connect to the remote host (confd 7.1 SSH server generate call home) was working fine with previous versions of Kex and Mac. which below attached from the server

kex diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1;
mac hmac-sha1,hmac-sha2-256,hmac-sha2-512;
encryption aes256-ctr,aes192-ctr,aes128-ctr;

After removing all Sha1 and added Sha2 key exchanges as shown below

kex diffie-hellman-group-exchange-sha256,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256;
mac hmac-sha2-256,hmac-sha2-512;
encryption aes256-ctr,aes192-ctr,aes128-ctr;

started getting below key exchange error as shown below

at ch.ethz.ssh2.Connection.connect(Connection.java:814)
at com.tailf.jnc.SSHConnection.(SSHConnection.java:28)
at com.tailf.jnc.Device.connect(Device.java:424)
Caused by: java.io.IOException:
Key exchange was not finished, connection is closed.
at ch.ethz.ssh2.transport.KexManager.getOrWaitForConnectionInfo(KexManager.java:98)
at ch.ethz.ssh2.transport.TransportManager.getConnectionInfo(TransportManager.java:251)
at ch.ethz.ssh2.Connection.connect(Connection.java:770)
... 9 more
Caused by: java.io.IOException: Cannot negotiate, proposals do not match.

We are using ganymed-ssh-2-build262.jar via JNC client to connect to incoming call home connection. And when we found in this Ganymed library there is no support for SSH-2 moved to ganymed-ssh2-262.jar with updated code fix having in

https://github.com/SoftwareAG/ganymed-ssh-2/releases/tag/ganymed-ssh2-263

But we are seeing connection refused exception at below shown connect method.

Connection.java

public synchronized ConnectionInfo connect(ServerHostKeyVerifier verifier, int connectTimeout, int kexTimeout)
{

tm.connect(hostname, port, softwareversion, cryptoWishList, verifier, dhgexpara, connectTimeout, getOrCreateSecureRND());

Please let us know how to resolve and over come the issue mentioned.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions