Skip to content

jsch-0.2.15

Compare
Choose a tag to compare
@mwiede mwiede released this 20 Dec 06:10
· 401 commits to master since this release

What's Changed

This release introduces two new config options to control usage of the new strict key exchange extension:

  • enable_strict_kex (set to yes by default)
  • require_strict_kex (set to no by default)
    If either option (or both) is enabled, then JSch will attempt to use the new strict key exchange extension.
  • If the require_strict_kex option is enabled and JSch detects the server does not support it, then JSch will terminate the connection and throw an exception.
  • If the require_strict_kex option is not enabled and JSch detects the server does not support it, then JSch will fallback and proceed with the connection without using the new extension.

This gives users the ability to enable a strong security posture if needed and avoid proceeding with connections to potentially insecure servers.

Dependency Updates

Full Changelog: jsch-0.2.14...jsch-0.2.15