A chain building exception between jsch client and sshd server

The following exception indicates that the encryption algorithm does not meet the key size.  

Find the reasons from the Internet as follows, which may be the following. This kind of error may be reported if the versions of both sides of the jdk are inconsistent. But in fact, I use the same local jdk as 1.8-u191. Take a closer look, the thread stack that reports the error prints the encryption algorithm of DSA. Then I change the lower server to use RSA and specify the key length as 2048, and then I can.

The error message means, that the key likely has 1024 bits strength, because it had been generated with any JDK version before JDK 8u151 - while at least 2048 bits key-strength are being expected:

The security strength of SHA-1 digest algorithm is not sufficient for this key size.

The reason behind this is, that the default key-size had changed from 1024 to 2048 bits with JDK 8u151. This change can also be found in the JRE/JDK crypto roadmap at datecode 2017-10-17:

Upgraded the jarsigner and keytool ‑sigalg default to SHA256withDSA and the ‑keysize default to 2048 for DSA keys.

The "Reverting Instructions" would be (which do not really apply for signage with Android Studio):

To use a different algorithm and/or smaller key size use the ‑sigalg and ‑keysize options of keytool and jarsigner to override the current defaults. Before this change the default values were SHA1withDSA and 1024 bits.
[org.apache.sshd.server.session.ServerSession] : Exception caught
java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size
	at sun.security.provider.DSA.checkKey(DSA.java:111)
	at sun.security.provider.DSA.engineInitSign(DSA.java:143)
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1177)
	at java.security.Signature.initSign(Signature.java:530)
	at org.apache.sshd.common.signature.AbstractSignature.init(AbstractSignature.java:47)
	at org.apache.sshd.server.kex.AbstractDHGServer.next(AbstractDHGServer.java:93)
	at org.apache.sshd.server.session.ServerSession.handleMessage(ServerSession.java:177)
	at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:587)
	at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:253)
	at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
	at org.apache.sshd.common.io.nio2.Nio2Session$2.completed(Nio2Session.java:231)
	at org.apache.sshd.common.io.nio2.Nio2Session$2.completed(Nio2Session.java:217)
	at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
	at sun.nio.ch.Invoker$2.run(Invoker.java:218)
	at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

Keywords: Programming Java Apache JDK Session

Added by lala on Thu, 31 Oct 2019 06:03:55 +0200