Home > 系统管理 > JSch连接SSH问题Exception:Algorithm negotiation fail

JSch连接SSH问题Exception:Algorithm negotiation fail

August 16th, 2016 Leave a comment Go to comments

使用Jenkins配置完远程SSH服务器,发生无法连接问题,查看Log后找到

[SSH] Exception:Algorithm negotiation fail
    com.jcraft.jsch.JSchException: Algorithm negotiation fail
    at com.jcraft.jsch.Session.receive_kexinit(Session.java:520)
    at com.jcraft.jsch.Session.connect(Session.java:286)
    at com.jcraft.jsch.Session.connect(Session.java:150)
    at org.jvnet.hudson.plugins.SSHSite.createSession(SSHSite.java:141)
    at org.jvnet.hudson.plugins.SSHSite.executeCommand(SSHSite.java:151)
    at org.jvnet.hudson.plugins.SSHBuildWrapper.executePreBuildScript(SSHBuildWrapper.java:75)
    at org.jvnet.hudson.plugins.SSHBuildWrapper.setUp(SSHBuildWrapper.java:59)
    at hudson.model.Build$BuildExecution.doRun(Build.java:154)
    at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:533)
    at hudson.model.Run.execute(Run.java:1754)
    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
    at hudson.model.ResourceController.execute(ResourceController.java:89)
    at hudson.model.Executor.run(Executor.java:240)
Finished: FAILURE

原因分析:
OpenSSH和 JSch支持的交换算法不同,需要一方打开另一方支持的交换算法。

OpenSSH enables only the following key exchange algorithms by default:
- [email protected]
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
- diffie-hellman-group-exchange-sha256
- diffie-hellman-group14-sha1

Where as JSch claims to support these algorithms for key exchange:
- diffie-hellman-group-exchange-sha1
- diffie-hellman-group1-sha1

解决办法:
在SSH的配置文件
/etc/ssh/sshd_config
增加以下两行,让SSH支持相应的算法和MACs

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
 
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com,hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96

完成后重启SSH即可解决问题

参考
http://stackoverflow.com/questions/26424621/algorithm-negotiation-fail-ssh-in-jenkins

Categories: 系统管理 Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.