[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16945848#comment-16945848 ] Lyor Goldstein edited comment on SSHD-945 at 10/7/19 12:44 PM: --- Affected code: {code:java|title=DSA.class} protected void engineInitSign(PrivateKey privateKey) ... // check key size against hash output size for signing // skip this check for verification to minimize impact on existing apps if (md.getAlgorithm() != "NullDigest20") { checkKey(params, md.getDigestLength()*8, md.getAlgorithm()); } } private static void checkKey(DSAParams params, int digestLen, String mdAlgo) throws InvalidKeyException { // FIPS186-3 states in sec4.2 that a hash function which provides // a lower security strength than the (L, N) pair ordinarily should // not be used. int valueN = params.getQ().bitLength(); if (valueN > digestLen) { throw new InvalidKeyException("The security strength of " + mdAlgo + " digest algorithm is not sufficient for this key size"); } } public RawDSA() throws NoSuchAlgorithmException { super(new NullDigest20()); } {code} {code:java|title=Signature.class} static { signatureInfo = new ConcurrentHashMap(); Boolean TRUE = Boolean.TRUE; // pre-initialize with values for our SignatureSpi implementations signatureInfo.put("sun.security.provider.DSA$RawDSA", TRUE); signatureInfo.put("sun.security.provider.DSA$SHA1withDSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$MD2withRSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$MD5withRSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$SHA1withRSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$SHA256withRSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$SHA384withRSA", TRUE); signatureInfo.put("sun.security.rsa.RSASignature$SHA512withRSA", TRUE); signatureInfo.put("com.sun.net.ssl.internal.ssl.RSASignature", TRUE); signatureInfo.put("sun.security.pkcs11.P11Signature", TRUE); } {code} was (Author: lgoldstein): Affected code: {code:java|title=DSA.class} protected void engineInitSign(PrivateKey privateKey) ... // check key size against hash output size for signing // skip this check for verification to minimize impact on existing apps if (md.getAlgorithm() != "NullDigest20") { checkKey(params, md.getDigestLength()*8, md.getAlgorithm()); } } private static void checkKey(DSAParams params, int digestLen, String mdAlgo) throws InvalidKeyException { // FIPS186-3 states in sec4.2 that a hash function which provides // a lower security strength than the (L, N) pair ordinarily should // not be used. int valueN = params.getQ().bitLength(); if (valueN > digestLen) { throw new InvalidKeyException("The security strength of " + mdAlgo + " digest algorithm is not sufficient for this key size"); } } {code} > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at >
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943993#comment-16943993 ] Logan edited comment on SSHD-945 at 10/3/19 8:43 PM: - Attached maverick key is readable by Jsch API version 0.1.55 {code:java} @Test public void testExistingDsa() throws Exception { byte[] privateKeyBytes = org.apache.sshd.common.util.io.IoUtils.toByteArray(getClass().getResourceAsStream("/maverick_id_dsa")); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no"); com.jcraft.jsch.JSch jsch = new com.jcraft.jsch.JSch(); jsch.addIdentity("test", privateKeyBytes, null, null); com.jcraft.jsch.Session session = jsch.getSession("test", "localhost", PORT); session.setConfig(config); session.connect(); session.getHostKey().getFingerPrint(jsch); }{code} was (Author: apachelogan): Attached maverick key is readable by Jsch API {code:java} @Test public void testExistingDsa() throws Exception { byte[] privateKeyBytes = org.apache.sshd.common.util.io.IoUtils.toByteArray(getClass().getResourceAsStream("/maverick_id_dsa")); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no"); com.jcraft.jsch.JSch jsch = new com.jcraft.jsch.JSch(); jsch.addIdentity("test", privateKeyBytes, null, null); com.jcraft.jsch.Session session = jsch.getSession("test", "localhost", PORT); session.setConfig(config); session.connect(); session.getHostKey().getFingerPrint(jsch); }{code} > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > at java.security.AccessController.doPrivileged(Native Method) at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at > sun.nio.ch.Invoker$2.run(Invoker.java:218) at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748){code} > [^DSAKeyTests.java] -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943993#comment-16943993 ] Logan edited comment on SSHD-945 at 10/3/19 8:41 PM: - Attached maverick key is readable by Jsch API {code:java} @Test public void testExistingDsa() throws Exception { byte[] privateKeyBytes = org.apache.sshd.common.util.io.IoUtils.toByteArray(getClass().getResourceAsStream("/maverick_id_dsa")); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no"); com.jcraft.jsch.JSch jsch = new com.jcraft.jsch.JSch(); jsch.addIdentity("test", privateKeyBytes, null, null); com.jcraft.jsch.Session session = jsch.getSession("test", "localhost", PORT); session.setConfig(config); session.connect(); session.getHostKey().getFingerPrint(jsch); }{code} was (Author: apachelogan): Attached maverick key is readable by Jsch API @Test public void testExistingDsa() throws Exception { byte[] privateKeyBytes = org.apache.sshd.common.util.io.IoUtils.toByteArray(getClass().getResourceAsStream("/maverick_id_dsa")); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no"); com.jcraft.jsch.JSch jsch = new com.jcraft.jsch.JSch(); jsch.addIdentity("test", privateKeyBytes, null, null); com.jcraft.jsch.Session session = jsch.getSession("test", "localhost", PORT); session.setConfig(config); session.connect(); session.getHostKey().getFingerPrint(jsch); } > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > at java.security.AccessController.doPrivileged(Native Method) at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at > sun.nio.ch.Invoker$2.run(Invoker.java:218) at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748){code} > [^DSAKeyTests.java] -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943615#comment-16943615 ] Logan edited comment on SSHD-945 at 10/3/19 3:20 PM: - Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? Attached file named maverick_id_dsa was (Author: apachelogan): Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? Attached dsa 2048 private key (file named maverick_id_dsa) that works without issues > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > at java.security.AccessController.doPrivileged(Native Method) at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at > sun.nio.ch.Invoker$2.run(Invoker.java:218) at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748){code} > [^DSAKeyTests.java] -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943615#comment-16943615 ] Logan edited comment on SSHD-945 at 10/3/19 3:08 PM: - Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? Attached dsa 2048 private key (file named maverick_id_dsa) that works without issues was (Author: apachelogan): Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? Attached dsa 2048 private key that works. > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > at java.security.AccessController.doPrivileged(Native Method) at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at > sun.nio.ch.Invoker$2.run(Invoker.java:218) at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748){code} > [^DSAKeyTests.java] -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943615#comment-16943615 ] Logan edited comment on SSHD-945 at 10/3/19 3:07 PM: - Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? Attached dsa 2048 private key that works. was (Author: apachelogan): Oddly I have some DSA 2048 keys (generated by old maverick code) that does not fail at all. Wondering if this has something to do with the way key pair is generated? > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java, maverick_id_dsa > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > at java.security.AccessController.doPrivileged(Native Method) at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at > sun.nio.ch.Invoker$2.run(Invoker.java:218) at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748){code} > [^DSAKeyTests.java] -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943402#comment-16943402 ] Thomas Wolf edited comment on SSHD-945 at 10/3/19 9:45 AM: --- {quote}org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key {quote} is exactly the problem pointed out in [https://bugzilla.mindrot.org/show_bug.cgi?id=1647:] SHA-1 is 160 bits and is mandated by RFC 4253, but for a DSA2048 key one would need a longer signature hash (224 or 256bits). Interestingly enough, OpenSSH does work with such keys (if DSA is enabled at all in client and server), and uses SHA256 (client log; OS X, OpenSSH_7.4p1, LibreSSL 2.5.0): {code:java} ... debug1: Next authentication method: publickey debug1: Offering DSA public key: /Users/thomas/.ssh/id_dsa_2048 debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: pkalg ssh-dss blen 818 debug2: input_userauth_pk_ok: fp SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M debug3: sign_and_send_pubkey: DSA SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M debug3: send packet: type 50 debug3: receive packet: type 52 debug1: Authentication succeeded (publickey). ... {code} See [https://zonena.me/2014/02/using-2048-bit-dsa-keys-with-openssh/] for how to create a DSA 2048 bit key, and DSA must be enabled in both openSSH client and server ({{PubkeyAcceptedKeyTypes=+ssh-dss}} in the config files). was (Author: wolft): {quote} org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key {quote} is exactly the problem pointed out in https://bugzilla.mindrot.org/show_bug.cgi?id=1647: SHA-1 is 160 bits and is mandated by RFC 4253, but for a DSA2048 key one would need a longer hash (224 or 256bits). Interestingly enough, OpenSSH does work with such keys (if DSA is enabled at all in client and server), and uses SHA256 (client log; OS X, OpenSSH_7.4p1, LibreSSL 2.5.0): {code} ... debug1: Next authentication method: publickey debug1: Offering DSA public key: /Users/thomas/.ssh/id_dsa_2048 debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: pkalg ssh-dss blen 818 debug2: input_userauth_pk_ok: fp SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M debug3: sign_and_send_pubkey: DSA SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M debug3: send packet: type 50 debug3: receive packet: type 52 debug1: Authentication succeeded (publickey). ... {code} See https://zonena.me/2014/02/using-2048-bit-dsa-keys-with-openssh/ for how to create a DSA 2048 bit key, and DSA must be enabled in both openSSH client and server ({{PubkeyAcceptedKeyTypes=+ssh-dss}} in the config files). > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error trace: > {code:java} > org.apache.sshd.common.SshException: No more authentication methods > availableorg.apache.sshd.common.SshException: No more authentication methods > available at > org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318) > at > org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254) > at > org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) > at > org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) > at > org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) > at > org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542) > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520) > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63) > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339) > at >
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943158#comment-16943158 ] Logan edited comment on SSHD-945 at 10/2/19 10:54 PM: -- Few observations: I am running on JDK 1.8.0_201 unlimited strength. Bbouncy castle was included in the classpath. After removing bouncy castle I get a different error stack trace but still fails. {code:java} org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key sizeorg.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key size at org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:132) at org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:187) at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:132) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:40) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:33) at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:44) at com.citi.grandcentral.sftp.DSAKeyTests.testGenerated(DSAKeyTests.java:166) at com.citi.grandcentral.sftp.DSAKeyTests.testDsa2048(DSAKeyTests.java:194) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26) at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:678) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)Caused by: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size at sun.security.provider.DSA.checkKey(DSA.java:111) at sun.security.provider.DSA.engineInitSign(DSA.java:143) at java.security.Signature$Delegate.init(Signature.java:1155) at java.security.Signature$Delegate.chooseProvider(Signature.java:1115) at java.security.Signature$Delegate.engineInitSign(Signature.java:1179) at java.security.Signature.initSign(Signature.java:530) at org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:91) at org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:61) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:225) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:203) at org.apache.sshd.client.auth.AbstractUserAuth.process(AbstractUserAuth.java:73) at org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:268) at org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) at
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943158#comment-16943158 ] Logan edited comment on SSHD-945 at 10/2/19 10:53 PM: -- Few observations: I am running on JDK 1.8.0_201 unlimited strength. Bbouncy castle was included in the classpath. After removing bouncy castle I get a different error stack trace but still fails. org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key sizeorg.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key size at org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:132) at org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:187) at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:132) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:40) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:33) at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:44) at com.citi.grandcentral.sftp.DSAKeyTests.testGenerated(DSAKeyTests.java:166) at com.citi.grandcentral.sftp.DSAKeyTests.testDsa2048(DSAKeyTests.java:194) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26) at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:678) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)Caused by: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size at sun.security.provider.DSA.checkKey(DSA.java:111) at sun.security.provider.DSA.engineInitSign(DSA.java:143) at java.security.Signature$Delegate.init(Signature.java:1155) at java.security.Signature$Delegate.chooseProvider(Signature.java:1115) at java.security.Signature$Delegate.engineInitSign(Signature.java:1179) at java.security.Signature.initSign(Signature.java:530) at org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:91) at org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:61) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:225) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:203) at org.apache.sshd.client.auth.AbstractUserAuth.process(AbstractUserAuth.java:73) at org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:268) at org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) at
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943160#comment-16943160 ] Logan edited comment on SSHD-945 at 10/2/19 10:53 PM: -- I changed the host key provider from {code:java} sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());{code} to below {code:java} SimpleGeneratorHostKeyProvider keyProvider = new SimpleGeneratorHostKeyProvider();SimpleGeneratorHostKeyProvider keyProvider = new SimpleGeneratorHostKeyProvider(); keyProvider.setAlgorithm("DSA"); keyProvider.setKeySize(2048); sshd.setKeyPairProvider(keyProvider);{code} and I see different stack trace: {code:java} org.apache.sshd.common.SshException: Session is being closedorg.apache.sshd.common.SshException: Session is being closed at org.apache.sshd.client.session.ClientSessionImpl.preClose(ClientSessionImpl.java:126) at org.apache.sshd.common.util.closeable.AbstractCloseable.close(AbstractCloseable.java:82) at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.sessionClosed(AbstractSessionIoHandler.java:46) at org.apache.sshd.common.io.nio2.Nio2Session.doCloseImmediately(Nio2Session.java:266) at org.apache.sshd.common.util.closeable.AbstractCloseable.close(AbstractCloseable.java:83) at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:353) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748){code} was (Author: apachelogan): I changed the host key provider from {code:java} sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());{code} to below {code:java} SimpleGeneratorHostKeyProvider keyProvider = new SimpleGeneratorHostKeyProvider();SimpleGeneratorHostKeyProvider keyProvider = new SimpleGeneratorHostKeyProvider(); keyProvider.setAlgorithm("DSA"); keyProvider.setKeySize(2048); sshd.setKeyPairProvider(keyProvider);{code} and I see different stack trace: {noformat} org.apache.sshd.common.SshException: Session is being closedorg.apache.sshd.common.SshException: Session is being closed at org.apache.sshd.client.session.ClientSessionImpl.preClose(ClientSessionImpl.java:126) at org.apache.sshd.common.util.closeable.AbstractCloseable.close(AbstractCloseable.java:82) at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.sessionClosed(AbstractSessionIoHandler.java:46) at org.apache.sshd.common.io.nio2.Nio2Session.doCloseImmediately(Nio2Session.java:266) at org.apache.sshd.common.util.closeable.AbstractCloseable.close(AbstractCloseable.java:83) at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:353) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748){noformat} > DSA 2048 public key authentication fails > > > Key: SSHD-945 > URL: https://issues.apache.org/jira/browse/SSHD-945 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.1.0 >Reporter: Logan >Priority: Major > Attachments: DSAKeyTests.java > > > While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error > trace listed below. I am trying to figure out if the issue is related to DSA > keys generated by JDK or apache SSHD. Attached is the test case. > > Tests with JSch API also fail with DSA 2048 keys. > > Error
[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails
[ https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16943158#comment-16943158 ] Logan edited comment on SSHD-945 at 10/2/19 10:46 PM: -- Few observations: I am running on JDK 1.8.0_201 unlimited strength. Bbouncy castle was included in the classpath. After removing bouncy castle I get a different error stack trace but still fails. {noformat} org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key sizeorg.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest algorithm is not sufficient for this key size at org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:132) at org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:187) at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:132) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:40) at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:33) at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:44) at com.citi.grandcentral.sftp.DSAKeyTests.testGenerated(DSAKeyTests.java:166) at com.citi.grandcentral.sftp.DSAKeyTests.testDsa2048(DSAKeyTests.java:194) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26) at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:678) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)Caused by: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size at sun.security.provider.DSA.checkKey(DSA.java:111) at sun.security.provider.DSA.engineInitSign(DSA.java:143) at java.security.Signature$Delegate.init(Signature.java:1155) at java.security.Signature$Delegate.chooseProvider(Signature.java:1115) at java.security.Signature$Delegate.engineInitSign(Signature.java:1179) at java.security.Signature.initSign(Signature.java:530) at org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:91) at org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:61) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:225) at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:203) at org.apache.sshd.client.auth.AbstractUserAuth.process(AbstractUserAuth.java:73) at org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:268) at org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201) at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626) at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559) at