[jira] [Commented] (SSHD-945) DSA 2048 public key authentication fails

Wed, 02 Oct 2019 13:56:37 -0700 


    [ 
https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16943158#comment-16943158
 ] 

Logan commented on SSHD-945:
----------------------------

Few observations:

I am running on JDK 1.8.0_201 limited strength.  Bbouncy castle was included in 
the classpath. After removing bouncy castle I get a different error stack trace 
but still fails.

 
{noformat}
org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed 
(InvalidKeyException) to execute: The security strength of SHA-1 digest 
algorithm is not sufficient for this key 
sizeorg.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: 
Failed (InvalidKeyException) to execute: The security strength of SHA-1 digest 
algorithm is not sufficient for this key size at 
org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:132)
 at 
org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:187)
 at 
org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:132)
 at 
org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:40)
 at 
org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:33)
 at 
org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:44) 
at com.citi.grandcentral.sftp.DSAKeyTests.testGenerated(DSAKeyTests.java:166) 
at com.citi.grandcentral.sftp.DSAKeyTests.testDsa2048(DSAKeyTests.java:194) at 
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498) at 
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
 at 
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
 at 
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
 at 
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
 at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at 
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
 at 
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
 at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at 
org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at 
org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at 
org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at 
org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at 
org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26) 
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27) 
at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at 
org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
 at 
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) 
at 
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
 at 
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:678)
 at 
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
 at 
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)Caused
 by: java.security.InvalidKeyException: The security strength of SHA-1 digest 
algorithm is not sufficient for this key size at 
sun.security.provider.DSA.checkKey(DSA.java:111) at 
sun.security.provider.DSA.engineInitSign(DSA.java:143) at 
java.security.Signature$Delegate.init(Signature.java:1155) at 
java.security.Signature$Delegate.chooseProvider(Signature.java:1115) at 
java.security.Signature$Delegate.engineInitSign(Signature.java:1179) at 
java.security.Signature.initSign(Signature.java:530) at 
org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:91)
 at 
org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:61)
 at 
org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:225)
 at 
org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:203)
 at 
org.apache.sshd.client.auth.AbstractUserAuth.process(AbstractUserAuth.java:73) 
at 
org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:268)
 at 
org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201)
 at 
org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626)
 at 
org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559)
 at 
org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542)
 at 
org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520)
 at 
org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63)
 at 
org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339)
 at 
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318) 
at 
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315) 
at 
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
 at java.security.AccessController.doPrivileged(Native Method) at 
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
 at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at 
sun.nio.ch.Invoker$2.run(Invoker.java:218) at 
sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
 at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 
at java.lang.Thread.run(Thread.java:748){noformat}

> DSA 2048 public key authentication fails
> ----------------------------------------
>
>                 Key: SSHD-945
>                 URL: https://issues.apache.org/jira/browse/SSHD-945
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 2.1.0
>            Reporter: Logan
>            Priority: Major
>         Attachments: DSAKeyTests.java
>
>
> While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error 
> trace listed below. I am trying to figure out if the issue is related to DSA 
> keys generated by JDK or apache SSHD. Attached is the test case. 
>  
> Tests with JSch API also fail with DSA 2048 keys.
>  
> Error trace:
> {code:java}
> org.apache.sshd.common.SshException: No more authentication methods 
> availableorg.apache.sshd.common.SshException: No more authentication methods 
> available at 
> org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318)
>  at 
> org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254)
>  at 
> org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315)
>  at 
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
>  at java.security.AccessController.doPrivileged(Native Method) at 
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
>  at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at 
> sun.nio.ch.Invoker$2.run(Invoker.java:218) at 
> sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
>  at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>  at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>  at java.lang.Thread.run(Thread.java:748){code}
> [^DSAKeyTests.java]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to