SFTP connection Algorithm negotiation fail

We are not able to create an SFTP alias in Integration Server (Version 10.1) and getting below error. This is being experienced after new java fixes.

[ISS.0147.9010] Cannot get host key from server [10.21.59.170]:22. Details: Algorithm negotiation fail

We can’t see anything in SSL logs about this. Anyone facing similar issues. sftp working using ssh shell on same server where IS is running.

Steps already tried:

  1. Java unristricted policy has been aplied and restarted the server.
  2. java.security file edited and increased the message size to 2048.

Just found few ssh logs for this.

INFO | jvm 8 | 2021/06/15 19:12:52 | %% Initialized: [Session-294, SSL_NULL_WITH_NULL_NULL]
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, READ: TLSv1.2 Handshake, length = 185
INFO | jvm 8 | 2021/06/15 19:12:52 | check handshake state: client_hello[1]
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: client_hello[1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_hello[2]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** ClientHello, TLSv1.2
INFO | jvm 8 | 2021/06/15 19:12:52 | RandomCookie: GMT: 1606930564 bytes = { 109, 197, 217, 203, 195, 252, 101, 210, 162, 112, 198, 36, 230, 124, 225, 171, 139, 103, 216, 125, 156, 254, 154, 28, 115, 217, 214, 62 }
INFO | jvm 8 | 2021/06/15 19:12:52 | Session ID: {}
INFO | jvm 8 | 2021/06/15 19:12:52 | Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
INFO | jvm 8 | 2021/06/15 19:12:52 | Compression Methods: { 0 }
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension ec_point_formats, formats: [uncompressed]
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension extended_master_secret
INFO | jvm 8 | 2021/06/15 19:12:52 | ***
INFO | jvm 8 | 2021/06/15 19:12:52 | %% Initialized: [Session-295, SSL_NULL_WITH_NULL_NULL]
INFO | jvm 8 | 2021/06/15 19:12:52 | Standard ciphersuite chosen: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
INFO | jvm 8 | 2021/06/15 19:12:52 | %% Negotiating: [Session-295, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** ServerHello, TLSv1.2
INFO | jvm 8 | 2021/06/15 19:12:52 | RandomCookie: GMT: 1606930564 bytes = { 149, 64, 68, 18, 44, 54, 111, 193, 181, 112, 69, 41, 169, 128, 230, 16, 73, 210, 31, 109, 5, 170, 71, 35, 76, 56, 73, 150 }
INFO | jvm 8 | 2021/06/15 19:12:52 | Session ID: {96, 200, 209, 132, 239, 241, 175, 16, 76, 169, 185, 143, 124, 36, 147, 64, 254, 163, 70, 130, 182, 202, 173, 225, 108, 74, 1, 177, 15, 123, 241, 174}
INFO | jvm 8 | 2021/06/15 19:12:52 | Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
INFO | jvm 8 | 2021/06/15 19:12:52 | Compression Method: 0
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension renegotiation_info, renegotiated_connection:
INFO | jvm 8 | 2021/06/15 19:12:52 | Extension extended_master_secret
INFO | jvm 8 | 2021/06/15 19:12:52 | ***
INFO | jvm 8 | 2021/06/15 19:12:52 | Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: server_hello[2]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server certificate[11]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_key_exchange12
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_request13
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_hello_done[14]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client certificate11
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_verify15
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** Certificate chain
INFO | jvm 8 | 2021/06/15 19:12:52 | chain [0] = [
INFO | jvm 8 | 2021/06/15 19:12:52 | [
INFO | jvm 8 | 2021/06/15 19:12:52 | Version: V3
INFO | jvm 8 | 2021/06/15 19:12:52 | Subject: CN=ssos, OU=default, O=sag, L=Unknown, ST=Unknown, C=DE
INFO | jvm 8 | 2021/06/15 19:12:52 | Signature Algorithm: SHA512withRSA, OID = 1.2.840.113549.1.1.13
INFO | jvm 8 | 2021/06/15 19:12:52 |
INFO | jvm 8 | 2021/06/15 19:12:52 | Key: Sun RSA public key, 2048 bits
INFO | jvm 8 | 2021/06/15 19:12:52 | params: null
INFO | jvm 8 | 2021/06/15 19:12:52 | modulus: 20261873728035740446253484580142661817882864350961598311779135016807572377740360474680160333313281493133257030441352784944176175528802396539175074090282248277071489348442207315839027541584645029847605233746455562957535675508195518612245566741919942644820557925782432515201897001747870038121504314808705108687223275388347064012423494453826888440148385794242356602122060747753830018926778220666660625863379723718075545394594081917189900003265022725803718033876813886606162981071006545255653026238632650256870451297614634085503629127720848044370617459605755406558850259214979731894534587389804237768485389503797231407893
INFO | jvm 8 | 2021/06/15 19:12:52 | public exponent: 65537
INFO | jvm 8 | 2021/06/15 19:12:52 | Validity: [From: Thu Jun 11 17:46:58 AST 2015,
INFO | jvm 8 | 2021/06/15 19:12:52 | To: Sat Jun 10 17:46:58 AST 2045]
INFO | jvm 8 | 2021/06/15 19:12:52 | Issuer: CN=ssos, OU=default, O=sag, L=Unknown, ST=Unknown, C=DE
INFO | jvm 8 | 2021/06/15 19:12:52 | SerialNumber: [ 05886cdd]
INFO | jvm 8 | 2021/06/15 19:12:52 |
INFO | jvm 8 | 2021/06/15 19:12:52 | Certificate Extensions: 2
INFO | jvm 8 | 2021/06/15 19:12:52 | [1]: ObjectId: 2.5.29.15 Criticality=true
INFO | jvm 8 | 2021/06/15 19:12:52 | KeyUsage [
INFO | jvm 8 | 2021/06/15 19:12:52 | DigitalSignature
INFO | jvm 8 | 2021/06/15 19:12:52 | Key_Encipherment
INFO | jvm 8 | 2021/06/15 19:12:52 | Data_Encipherment
INFO | jvm 8 | 2021/06/15 19:12:52 | ]
INFO | jvm 8 | 2021/06/15 19:12:52 |
INFO | jvm 8 | 2021/06/15 19:12:52 | [2]: ObjectId: 2.5.29.14 Criticality=false
INFO | jvm 8 | 2021/06/15 19:12:52 | SubjectKeyIdentifier [
INFO | jvm 8 | 2021/06/15 19:12:52 | KeyIdentifier [
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: EC 78 F0 45 BA 59 57 95 F3 36 20 FA 24 46 78 82 .x.E.YW…6 .$Fx.
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 1C BA 81 FA …
INFO | jvm 8 | 2021/06/15 19:12:52 | ]
INFO | jvm 8 | 2021/06/15 19:12:52 | ]
INFO | jvm 8 | 2021/06/15 19:12:52 |
INFO | jvm 8 | 2021/06/15 19:12:52 | ]
INFO | jvm 8 | 2021/06/15 19:12:52 | Algorithm: [SHA512withRSA]
INFO | jvm 8 | 2021/06/15 19:12:52 | Signature:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 27 3A 49 27 54 F5 71 1E AE 2A 97 2B 8F 25 65 60 ‘:I’T.q….+.%e INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: B1 22 7C C1 7E 70 27 BF 8A F1 92 99 BF 9F 36 76 ."...p'.......6v INFO | jvm 8 | 2021/06/15 19:12:52 | 0020: 1C 3B 1B 1B 52 B7 6D 4D 96 BF 64 9A 85 21 9F 22 .;..R.mM..d..!." INFO | jvm 8 | 2021/06/15 19:12:52 | 0030: C1 D8 87 96 35 BB C0 DF 02 6E ED 56 AE FF 2F 8F ....5....n.V../. INFO | jvm 8 | 2021/06/15 19:12:52 | 0040: 5A 55 DF C2 3C 0B 56 E6 B1 4B FB 98 2C 04 98 EB ZU..<.V..K..,... INFO | jvm 8 | 2021/06/15 19:12:52 | 0050: 40 70 27 C1 A1 DB B1 1B E8 B2 FC BB 20 41 6E 2F @p'......... An/ INFO | jvm 8 | 2021/06/15 19:12:52 | 0060: 0A 3D E0 0A 6F 7C 16 FF C0 28 3E E9 7B E2 21 56 .=..o....(>...!V INFO | jvm 8 | 2021/06/15 19:12:52 | 0070: 45 44 63 C9 B7 ED 6E B0 36 07 43 80 32 87 83 DB EDc...n.6.C.2... INFO | jvm 8 | 2021/06/15 19:12:52 | 0080: 71 82 B7 24 05 8D 60 38 49 B8 67 56 E1 94 11 45 q..$..8I.gV…E
INFO | jvm 8 | 2021/06/15 19:12:52 | 0090: 2E 47 C9 05 43 75 85 D4 2E E3 6E 47 2B D1 20 38 .G…Cu…nG+. 8
INFO | jvm 8 | 2021/06/15 19:12:52 | 00A0: ED 04 B2 30 D3 8B 58 EA 50 FB 82 21 9F B5 5E A9 …0…X.P…!..^.
INFO | jvm 8 | 2021/06/15 19:12:52 | 00B0: 4D ED 6F F9 A6 60 FD 34 7E CE A3 6A 63 8B DA C5 M.o….4...jc... INFO | jvm 8 | 2021/06/15 19:12:52 | 00C0: A0 F3 01 89 BB 3A 87 97 56 1A 48 F1 19 FB 77 68 .....:..V.H...wh INFO | jvm 8 | 2021/06/15 19:12:52 | 00D0: 60 64 0A E8 4F 39 21 DB 80 96 D2 33 FC 8D A3 05 d…O9!..3…
INFO | jvm 8 | 2021/06/15 19:12:52 | 00E0: 4C 96 3F 4F 36 EB 49 BC D8 AA 91 50 53 F5 AC 35 L.?O6.I…PS…5
INFO | jvm 8 | 2021/06/15 19:12:52 | 00F0: 7F C0 0D 37 BA F5 F9 7E 09 BA C5 59 02 C8 5E B0 …7…Y…^.
INFO | jvm 8 | 2021/06/15 19:12:52 |
INFO | jvm 8 | 2021/06/15 19:12:52 | ]
INFO | jvm 8 | 2021/06/15 19:12:52 | ***
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: certificate[11]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_key_exchange12
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_request13
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_hello_done[14]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client certificate11
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_verify15
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** ECDH ServerKeyExchange
INFO | jvm 8 | 2021/06/15 19:12:52 | Signature Algorithm SHA512withRSA
INFO | jvm 8 | 2021/06/15 19:12:52 | Server key: Sun EC public key, 256 bits
INFO | jvm 8 | 2021/06/15 19:12:52 | public x coord: 25943800041983888234751492949925752325220522198304758164517383906893162993420
INFO | jvm 8 | 2021/06/15 19:12:52 | public y coord: 34941618490356139152829271741324102697807531750335247978714366586720943875885
INFO | jvm 8 | 2021/06/15 19:12:52 | parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: server_key_exchange[12]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_request13
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server_hello_done[14]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client certificate11
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_verify15
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** ServerHelloDone
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: server_hello_done[14]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client certificate11
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_verify15
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, WRITE: TLSv1.2 Handshake, length = 1315
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, READ: TLSv1.2 Handshake, length = 70
INFO | jvm 8 | 2021/06/15 19:12:52 | check handshake state: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: client_key_exchange[16]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: certificate_verify15
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** ECDHClientKeyExchange
INFO | jvm 8 | 2021/06/15 19:12:52 | ECDH Public value: { 4, 112, 158, 185, 103, 105, 240, 110, 148, 224, 66, 181, 173, 26, 192, 51, 68, 215, 87, 179, 198, 121, 87, 217, 96, 128, 88, 34, 23, 172, 14, 24, 161, 30, 28, 77, 167, 186, 215, 22, 77, 242, 119, 190, 113, 205, 88, 33, 206, 77, 198, 168, 92, 238, 16, 207, 43, 254, 166, 36, 152, 212, 205, 138, 31 }
INFO | jvm 8 | 2021/06/15 19:12:52 | SESSION KEYGEN:
INFO | jvm 8 | 2021/06/15 19:12:52 | PreMaster Secret:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: C4 26 15 2B EC DB D7 BA 7A 02 43 60 E5 85 E5 AD .&.+…z.C.... INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 02 7D 18 8B F8 EE 55 B0 E5 F3 2B 24 67 1E EC A4 ......U...+$g... INFO | jvm 8 | 2021/06/15 19:12:52 | CONNECTION KEYGEN: INFO | jvm 8 | 2021/06/15 19:12:52 | Client Nonce: INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 60 C8 D1 84 6D C5 D9 CB C3 FC 65 D2 A2 70 C6 24 …m…e…p.$
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: E6 7C E1 AB 8B 67 D8 7D 9C FE 9A 1C 73 D9 D6 3E …g…s…>
INFO | jvm 8 | 2021/06/15 19:12:52 | Server Nonce:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 60 C8 D1 84 95 40 44 12 2C 36 6F C1 B5 70 45 29 ....@D.,6o..pE) INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: A9 80 E6 10 49 D2 1F 6D 05 AA 47 23 4C 38 49 96 ....I..m..G#L8I. INFO | jvm 8 | 2021/06/15 19:12:52 | Master Secret: INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 68 06 CB 39 CF 17 25 51 BF 09 DA 36 0E 1F 8A 9A h..9..%Q...6.... INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: A9 34 C1 8C FA F0 31 0F D7 61 B2 9C FE B6 B9 BB .4....1..a...... INFO | jvm 8 | 2021/06/15 19:12:52 | 0020: D4 1F 33 16 E2 83 60 4B 2E DC 16 B0 72 63 80 C2 ..3...K…rc…
INFO | jvm 8 | 2021/06/15 19:12:52 | Client MAC write Secret:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 37 85 BD 16 94 EB 83 AA 1F 14 C2 A6 86 F5 C7 59 7…Y
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 11 39 39 B2 A1 40 37 D1 C0 51 2A DD CA CD B3 51 .99…@7…Q
…Q
INFO | jvm 8 | 2021/06/15 19:12:52 | 0020: E7 75 42 FD D2 5C 97 5B AA 2A 4E E3 A2 27 17 54 .uB…[.*N…’.T
INFO | jvm 8 | 2021/06/15 19:12:52 | Server MAC write Secret:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 70 75 1D 08 EE 6D B0 81 5C C8 34 41 46 C9 7D E7 pu…m…4AF…
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 4E AB 2F F8 C4 6C DC D6 A4 67 D2 46 32 07 10 A2 N./…l…g.F2…
INFO | jvm 8 | 2021/06/15 19:12:52 | 0020: 40 43 1D 09 64 7D C3 BB AC D9 F4 85 85 F9 C3 3D @C…d…=
INFO | jvm 8 | 2021/06/15 19:12:52 | Client write key:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: B7 15 A1 66 01 C2 F6 9B 53 47 DE DB 8C 30 45 36 …f…SG…0E6
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 95 54 39 01 D8 12 AB 5E EC 07 AA 34 9C 6E 5A 15 .T9…^…4.nZ.
INFO | jvm 8 | 2021/06/15 19:12:52 | Server write key:
INFO | jvm 8 | 2021/06/15 19:12:52 | 0000: 17 32 4D 75 8A F8 D7 52 E7 7B 7E 51 D1 C8 3F 79 .2Mu…R…Q…?y
INFO | jvm 8 | 2021/06/15 19:12:52 | 0010: 13 22 C9 5B C4 AC F0 D4 64 15 31 A9 40 99 45 D3 .".[…d.1.@.E.
INFO | jvm 8 | 2021/06/15 19:12:52 | … no IV derived for this protocol
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, READ: TLSv1.2 Change Cipher Spec, length = 1
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: change_cipher_spec
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: client finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, READ: TLSv1.2 Handshake, length = 96
INFO | jvm 8 | 2021/06/15 19:12:52 | check handshake state: finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server change_cipher_spec[-1]
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | *** Finished
INFO | jvm 8 | 2021/06/15 19:12:52 | verify_data: { 197, 60, 153, 131, 89, 58, 218, 159, 163, 26, 66, 159 }
INFO | jvm 8 | 2021/06/15 19:12:52 | ***
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: change_cipher_spec
INFO | jvm 8 | 2021/06/15 19:12:52 | upcoming handshake states: server finished[20]
INFO | jvm 8 | 2021/06/15 19:12:52 | HTTP Handler 172.20.150.75, WRITE: TLSv1.2 Change Cipher Spec, length = 1
INFO | jvm 8 | 2021/06/15 19:12:52 | *** Finished
INFO | jvm 8 | 2021/06/15 19:12:52 | verify_data: { 182, 98, 186, 101, 31, 198, 110, 86, 54, 59, 246, 38 }
INFO | jvm 8 | 2021/06/15 19:12:52 | ***
INFO | jvm 8 | 2021/06/15 19:12:52 | update handshake state: finished[20]

These log entries are for something else, likely an HTTPS connection. The log entries note “HTTP Handler” in several places. SSH does not use SSL/TLS.

These log entries are not the droids you’re looking for. :slight_smile:

The error message is definitely useful. The kex and algorithms supported on both sides must have an overlap. Review the list of Preferred Key Exchange Algorithms on your SFTP Server Alias Properties page and confirm with the target server what they support and adjust as needed.

Issue fixed by changing “Min DH Key Size” in Optional setting at version 2 configuration on IS Admin page to 2048.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.