I use the "camel-ftp:2.17.2" component, which internally uses "jsch:0.1.53".
I need to change the default key exchange algorithm. I know from the JSCH documentation that this can be done through a properties file.
How can I achieve this using JSCH indirectly through Camel FTP? Does it support changing this configuration?
It's currently not possible out of the box with Apache Camel. I have created a Jira ticket to allow to specify this on the component in a future Camel release.
By default, the Jsch key exchange includes several algorithms which are sent to the server, which responds with the ones it supports. Then one of those is chosen.
The issue in the post mentioned by Martin Prikryl was that even though diffie-hellman-group-exchange-sha256 was chosen, the server closed the connection. The logfile shows that the jsch client sent a maximum keysize of 1024 bits "SSH_MSG_KEX_DH_GEX_REQUEST(1024<1024<1024)". Possibly the server required 2048?
According to the JSCH changelog, since version 0.1.53 the maximum keysize should be 2048 on Java8.
If the reason for wanting to explicitly set the key exchange algorithm is to force use of a less secure one such as "diffie-hellman-group1-sha1", it would be useful to understand the reason why the algorithm negotiated by default is not working.
