Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Target Management » RSE ssh connections FAIL unless remotes' sshd_config has weak Ciphers/MACs ? Why?
RSE ssh connections FAIL unless remotes' sshd_config has weak Ciphers/MACs ? Why? [message #1696261] Sun, 24 May 2015 17:15 Go to next message
Bob Devanna is currently offline Bob DevannaFriend
Messages: 5
Registered: May 2015
Junior Member
I'm setting up Eclipse Luna as a new IDE for a small team.

It's an all-Linux environment, and site-to-site comms are typically SSH, with ciphers, macs & kexalgorithms tightened up -- using elliptical ciphers and higher bit algos in general.

On the Eclipse end of things, I've setup its Remote System Explorer (RSE) toolkit for access to/across multiple sites.

I've found that unless I 'dumb down' the remotes' sshd_config, to include weaker "Ciphers+=aes128-ctr" & "MACs+=hmac-md5", Eclipse RSE fails on the connection.

With those ^^ config opts, the connection opens without error; without those opts, no connection.

I suspect (?) this has to do with Java's encryption layer / config, but don't know.

Is this a missing/wrong CONFIG issue on my end, or a limitation of Eclipse?

Cheers,

Bob

Report message to a moderator

Re: RSE ssh connections FAIL unless remotes' sshd_config has weak Ciphers/MACs ? Why? [message #1696656 is a reply to message #1696261] Wed, 27 May 2015 16:31 Go to previous messageGo to next message
Martin Oberhuber is currently offline Martin OberhuberFriend
Messages: 1007
Registered: July 2009
Senior Member
Hi Bob,

Eclipse comes with com.jcraft.jsch_0.1.51 for its SSH support, and some newer algorithms (including ECC) have only been added in 0.1.52:
http://www.jcraft.com/jsch/ChangeLog

see here for the complete list of algorithms supported in Jsch:
http://www.jcraft.com/jsch/

If you think that JSch should support even different Ciphers, I suggest you sign up on the JSch mailing list:
https://lists.sourceforge.net/lists/listinfo/jsch-users

If you think that Eclipse should update to JSch-0.1.52, I suggest that you file a bug against Platform/Team where you argue why this is necessary:
https://bugs.eclipse.org/bugs/enter_bug.cgi?component=Team&product=Platform&version=4.5

Thanks
Martin

Report message to a moderator

Re: RSE ssh connections FAIL unless remotes' sshd_config has weak Ciphers/MACs ? Why? [message #1696664 is a reply to message #1696656] Wed, 27 May 2015 17:38 Go to previous message
Bob Devanna is currently offline Bob DevannaFriend
Messages: 5
Registered: May 2015
Junior Member
First 'swipe' at it:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=468518

Report message to a moderator

Previous Topic:Project Status and Plan ?
Next Topic:How to open a session on the local system with Terminal 3.3
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Apr 25 19:43:32 GMT 2024

Powered by FUDForum. Page generated in 0.03813 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly