From ea38d1c026e13c7dfcd07398f6b46f474d01e4dd Mon Sep 17 00:00:00 2001
From: liumangmang <liumangmang@qq.com>
Date: Wed, 4 Feb 2026 12:03:29 +0800
Subject: [PATCH] Add DH-based key exchange algorithms in SftpService and
 SshService to ensure compatibility with Java 8 minimal JRE

---
 backend/src/main/java/com/sshmanager/service/SftpService.java | 2 ++
 backend/src/main/java/com/sshmanager/service/SshService.java  | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/backend/src/main/java/com/sshmanager/service/SftpService.java b/backend/src/main/java/com/sshmanager/service/SftpService.java
index ad860a6..e348838 100644
--- a/backend/src/main/java/com/sshmanager/service/SftpService.java
+++ b/backend/src/main/java/com/sshmanager/service/SftpService.java
@@ -38,6 +38,8 @@ public class SftpService {
 
         Session session = jsch.getSession(conn.getUsername(), conn.getHost(), conn.getPort());
         session.setConfig("StrictHostKeyChecking", "no");
+        // Use only DH-based kex to avoid "Algorithm ECDH not available" on Java 8 / minimal JRE
+        session.setConfig("kex", "diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1");
         if (conn.getAuthType() == Connection.AuthType.PASSWORD && password != null) {
             session.setPassword(password);
         }
diff --git a/backend/src/main/java/com/sshmanager/service/SshService.java b/backend/src/main/java/com/sshmanager/service/SshService.java
index 1991e87..607fb9e 100644
--- a/backend/src/main/java/com/sshmanager/service/SshService.java
+++ b/backend/src/main/java/com/sshmanager/service/SshService.java
@@ -28,6 +28,8 @@ public class SshService {
 
         Session session = jsch.getSession(conn.getUsername(), conn.getHost(), conn.getPort());
         session.setConfig("StrictHostKeyChecking", "no");
+        // Use only DH-based kex to avoid "Algorithm ECDH not available" on Java 8 / minimal JRE
+        session.setConfig("kex", "diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1");
 
         if (conn.getAuthType() == Connection.AuthType.PASSWORD && password != null) {
             session.setPassword(password);