The key exchange works perfectly when performing SFTP between my local servers. It also works correctly when I manually connect with SFTP @ - no password required. As soon as I go to a server outside my network, with the XML script the key exchange fails. I have sent my server's public keys and they have been installed in the authorized keys file. I need to know a parameter for the XML script to allow the key exchange to take place.
I have included the serverHostKeys=ssh-dss,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ecdh-sha2-nistp256,aes256-ctr and the publicKeyAcceptedAlgorithms=ssh-dss,ssh-rsa,ecdsa-sha2-nistp256,aes256-ctr. I was hoping this would solve the key exchange problem, but it hasn't. Here are some things from the
log:
Apache Camel 3.20.0
Java 11.0.21
Apache Tomcat 9.0.69
JSCH 0.2.1
Remote version string: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4unbuntu0.fips.0.9
Local version string: SSH-2.0-JSCH_0.2.1
CheckCiphers: [email protected]
CheckKexes: curve25519-sha256,[email protected],curve448-sha512
CheckSignatures: ssh-ed25519,ssh-ed448
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
kex: server: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
kex: server: rsa-sha2-512, rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
kex: server: aes256-ctr,aes192-ctr,aes128-ctr
kex: server: aes256-ctr,aes192-ctr,aes128-ctr
kex: server: hmac-sha2-512,hmac-sha2-256
kex: server: hmac-sha2-512,hmac-sha2-256
kex: server: none,[email protected]
kex: server: none,[email protected]
kex: algorithm: ecdh-sha2-nistp256
kex: host key algorithm: ecdsa-sha2-nistp256 {ssh-rsa}
kex: server->client cipher: aes256-ctr MAC: hmac-sha2-512 compression: none {aes128-ctr}
kex: client->server cipher: aes256-ctr MAC: hmac-sha2-512 compression: none {aes128-ctr}
kex: ecdh-sha2-nistp256 need=64 dh_need=64
kex: ecdh-sha2-nistp256 need=64 dh_need=64
sent packet: type 31