IMG: AFX SSH Connection to CYGWIN receives "Algorithm Negotiation Error"
Originally Published: 2016-02-03
Article Number
000063084
Applies To
RSA Product Set: Identity Management and Governance
RSA Product/Service Type: Appliance, Soft Appliance, Enterprise Software
RSA Version/Condition: 7.0
Platform: All
Issue
When testing an AFX SSH connection to a Windows CYGWIN server, an "Algorithm Negotiation Error" is received and the test fails.

The log file shows:

java.io.IOException: Algorithm negotiation fail
      at net.sf.commons.ssh.jsch.JschConnectionFactory.connectUsingPassword(JschConnectionFactory.java:82)
      at net.sf.commons.ssh.jsch.JschConnectionFactory.openConnection(JschConnectionFactory.java:142)
      at com.aveksa.AFX.transport.ssh.SshSettingsTest.runTest(SshSettingsTest.java:66)

......
Caused by: com.jcraft.jsch.JSchException: Algorithm negotiation fail
      at com.jcraft.jsch.Session.receive_kexinit(Session.java:529)
      at com.jcraft.jsch.Session.connect(Session.java:291)
      at net.sf.commons.ssh.jsch.JschConnectionFactory.connectUsingPassword(JschConnectionFactory.java:72)



 
Resolution
Add the following line to /etc/sshd_config on the Windows server in question:

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

The line above must be entered as one single line.
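
Why the single-line requirement matters, as an added example that is not part of the original article or RSA's code: the sketch reads KexAlgorithms line by line and applies a simplified form of the SSH selection rule (the first algorithm in the client's list that the server also lists). CLIENT_KEX and both sample configurations are constructed assumptions; the article does not state which algorithms AFX offers.

```shell
#!/bin/sh
# Added example: all names and sample data below are constructed for illustration.

# Print the value of the first KexAlgorithms directive read from stdin.
# Only text on the directive's own line counts, so a wrapped list loses
# everything after the line break.
server_kex() {
    awk 'tolower($1) == "kexalgorithms" { print $2; found = 1; exit }
         END { exit !found }'
}

# Simplified key exchange selection: print the first algorithm in the
# client's comma-separated list that also appears in the server's list.
negotiate_kex() {
    offered=$1
    supported=$2
    old_ifs=$IFS
    IFS=,
    for alg in $offered; do
        case ",$supported," in
            *",$alg,"*) IFS=$old_ifs; printf '%s\n' "$alg"; return 0 ;;
        esac
    done
    IFS=$old_ifs
    return 1
}

# Assumption: a legacy client that offers only SHA-1 Diffie-Hellman key exchange.
CLIENT_KEX='diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1'
# The article's directive on one line, and the same list wrapped onto two lines.
ONE_LINE='KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1'
WRAPPED='KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,
diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1'

# Report what the assumed client would negotiate against a config text.
check_config() {
    kex_value=$(printf '%s\n' "$1" | server_kex) ||
        { echo "no KexAlgorithms directive"; return 2; }
    negotiate_kex "$CLIENT_KEX" "$kex_value" ||
        { echo "no common KEX algorithm"; return 1; }
}

check_config "$ONE_LINE"
check_config "$WRAPPED" || true
```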