Discussion:
[JSch-users] Jsch stopped working with Java8
Marc Logemann
2014-07-28 16:18:26 UTC
Permalink
Hi,

we are using JSch as transport mechanism for EDI data to a different
company for about 7 years now. Today we upgraded to Java 8 and now when we
try to connect, we get:

Session.connect: java.security.InvalidKeyException: Key is too long for
this algorithm

Currently we use:

<dependency org="com.jcraft" name="jsch" rev="0.1.42"/>

Our code is like this..

Session session = jsch.getSession(sftpUser, sftpHost);
session.setPassword(sftpPassword);
UserInfo ui = new SFTPClientWrapper.MyUserInfo();
session.setUserInfo(ui);
session.connect();


So some questions arise :-)

1) will upgrade to latest version of JSch help me?

2) do you know the error in general? I dont have any clue because i dont do
anything with keys. IMO its some kind of internal issue with java and JSch.


Thanks for any hints.

Marc
Alan Ezust
2014-07-28 16:24:52 UTC
Permalink
I am also having trouble using jsch with java8. I already posted my problem
to this list earlier.
Basically, the jEdit FTP plugin doesn't work for me in Java 8.

But your problem is different, and one I might be able to help you with.
you may need to install the JCE full key-strength encryption.

http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters
Post by Marc Logemann
Hi,
we are using JSch as transport mechanism for EDI data to a different
company for about 7 years now. Today we upgraded to Java 8 and now when we
Session.connect: java.security.InvalidKeyException: Key is too long for
this algorithm
<dependency org="com.jcraft" name="jsch" rev="0.1.42"/>
Our code is like this..
Session session = jsch.getSession(sftpUser, sftpHost);
session.setPassword(sftpPassword);
UserInfo ui = new SFTPClientWrapper.MyUserInfo();
session.setUserInfo(ui);
session.connect();
So some questions arise :-)
1) will upgrade to latest version of JSch help me?
2) do you know the error in general? I dont have any clue because i dont
do anything with keys. IMO its some kind of internal issue with java and
JSch.
Thanks for any hints.
Marc
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
https://lists.sourceforge.net/lists/listinfo/jsch-users
Marc Logemann
2014-07-28 16:56:11 UTC
Permalink
Thx for hint. Will try later on. Just downloaded the "JCE strong
encryption" package for Java 8.
Post by Alan Ezust
I am also having trouble using jsch with java8. I already posted my
problem to this list earlier.
Basically, the jEdit FTP plugin doesn't work for me in Java 8.
But your problem is different, and one I might be able to help you with.
you may need to install the JCE full key-strength encryption.
http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters
Post by Marc Logemann
Hi,
we are using JSch as transport mechanism for EDI data to a different
company for about 7 years now. Today we upgraded to Java 8 and now when we
Session.connect: java.security.InvalidKeyException: Key is too long
for this algorithm
<dependency org="com.jcraft" name="jsch" rev="0.1.42"/>
Our code is like this..
Session session = jsch.getSession(sftpUser, sftpHost);
session.setPassword(sftpPassword);
UserInfo ui = new SFTPClientWrapper.MyUserInfo();
session.setUserInfo(ui);
session.connect();
So some questions arise :-)
1) will upgrade to latest version of JSch help me?
2) do you know the error in general? I dont have any clue because i dont
do anything with keys. IMO its some kind of internal issue with java and
JSch.
Thanks for any hints.
Marc
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
https://lists.sourceforge.net/lists/listinfo/jsch-users
Marc Logemann
2014-07-28 18:56:02 UTC
Permalink
Hi,

just want to report back. I upgraded JSch to latest version and installed
the JCE Ext. Security JAR from Oracle without any difference. Error is
still the same with Java8. Seems to be a major bug in JSch. Hope someone of
the authors can reply to that...

Marc
Post by Marc Logemann
Thx for hint. Will try later on. Just downloaded the "JCE strong
encryption" package for Java 8.
I am also having trouble using jsch with java8. I already posted my
Post by Alan Ezust
problem to this list earlier.
Basically, the jEdit FTP plugin doesn't work for me in Java 8.
But your problem is different, and one I might be able to help you with.
you may need to install the JCE full key-strength encryption.
http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters
Post by Marc Logemann
Hi,
we are using JSch as transport mechanism for EDI data to a different
company for about 7 years now. Today we upgraded to Java 8 and now when we
Session.connect: java.security.InvalidKeyException: Key is too long
for this algorithm
<dependency org="com.jcraft" name="jsch" rev="0.1.42"/>
Our code is like this..
Session session = jsch.getSession(sftpUser, sftpHost);
session.setPassword(sftpPassword);
UserInfo ui = new SFTPClientWrapper.MyUserInfo();
session.setUserInfo(ui);
session.connect();
So some questions arise :-)
1) will upgrade to latest version of JSch help me?
2) do you know the error in general? I dont have any clue because i dont
do anything with keys. IMO its some kind of internal issue with java and
JSch.
Thanks for any hints.
Marc
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
https://lists.sourceforge.net/lists/listinfo/jsch-users
Lothar Kimmeringer
2014-07-29 08:56:11 UTC
Permalink
Post by Marc Logemann
just want to report back. I upgraded JSch to latest version and
installed the JCE Ext. Security JAR from Oracle without any
difference. Error is still the same with Java8. Seems to be a
major bug in JSch. Hope someone of the authors can reply to that...
Here[TM] JSCH runs with Java8 and there are no problems like that.
Make sure that you really installed the unlimited strength files
into the correct directory (maybe you installed it into the JDK
but not the JRE or vice versa). If not, please create a java-class
that helps to reproduce the problem or provide more informations
like Martin already told you.


Cheers, Lothar
Marc Logemann
2014-07-29 12:03:25 UTC
Permalink
This post might be inappropriate. Click to display it.
Lothar Kimmeringer
2014-07-29 12:31:29 UTC
Permalink
Post by Marc Logemann
here we go with more info. Everything i can get from client side.
INFO: Connecting to xxxx.deutschepost.de <http://xxxx.deutschepost.de> port 22
why is the servername secret. This shouzld be a public server.

Try the following program

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CheckCrypto {
public static void main(String[] args){
String cryptoAlg = "AES";
try{
SecretKeySpec keyspec = new SecretKeySpec(new byte[32], cryptoAlg);
Cipher c = Cipher.getInstance(cryptoAlg + "/CBC/NoPadding");
c.init(Cipher.ENCRYPT_MODE, keyspec, new IvParameterSpec(new byte[16]));
}
catch(Exception e){
System.err.println("************ The Java Virtual Machine can't handle strong cryptography.\n************ This will lead to problems with some services and subsystems!");
}

}
}

If you get the exception-message, you still need to install the
unlimimted strength cryptography policy files.


Cheers, Lothar
Atsuhiko Yamanaka
2014-09-17 08:01:20 UTC
Permalink
This post might be inappropriate. Click to display it.
Oberhuber, Martin
2014-07-29 08:26:42 UTC
Permalink
Hi Marc,

It may help if you post the full backtrace of the exception so we get an idea what kind of key algorithm is involved:

try {
session.connect();
} catch(Throwable t) {
t.printStackTrace();
}


Some more information about the kind of remote system may also help. For instance, using a Linux box do this:

$> sftp -vvv your.host.ip > debug .log

And debug.log will contain lots of information about the key exchange process:

OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
[
]

Thanks,
Martin
--
Martin Oberhuber, SMTS / Product Owner – Development Tools, Wind River
direct +43.662.457915.85 fax +43.662.457915.6

From: Marc Logemann [mailto:***@gmail.com]
Sent: Monday, July 28, 2014 6:18 PM
To: jsch-***@lists.sourceforge.net
Subject: [JSch-users] Jsch stopped working with Java8

Hi,

we are using JSch as transport mechanism for EDI data to a different company for about 7 years now. Today we upgraded to Java 8 and now when we try to connect, we get:

Session.connect: java.security.InvalidKeyException: Key is too long for this algorithm
Currently we use:
<dependency org="com.jcraft" name="jsch" rev="0.1.42"/>
Our code is like this..
Session session = jsch.getSession(sftpUser, sftpHost);
session.setPassword(sftpPassword);
UserInfo ui = new SFTPClientWrapper.MyUserInfo();
session.setUserInfo(ui);
session.connect();

So some questions arise :-)
1) will upgrade to latest version of JSch help me?
2) do you know the error in general? I dont have any clue because i dont do anything with keys. IMO its some kind of internal issue with java and JSch.

Thanks for any hints.
Marc
Atsuhiko Yamanaka
2014-07-29 10:38:30 UTC
Permalink
Hi,
Post by Oberhuber, Martin
we are using JSch as transport mechanism for EDI data to a different company
for about 7 years now. Today we upgraded to Java 8 and now when we try to
Session.connect: java.security.InvalidKeyException: Key is too long for
this algorithm
Could you try
https://gist.github.com/ymnk/2318108#file-logger-java
on Java7 and Java8?

Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
Peter Buhl
2015-01-17 13:32:52 UTC
Permalink
Hi,
On Tue, Jul 29, 2014 at 1:18 AM, Marc Logemann
Post by Oberhuber, Martin
we are using JSch as transport mechanism for EDI data to a different company
for about 7 years now. Today we upgraded to Java 8 and now when we try to
Session.connect: java.security.InvalidKeyException: Key is too long for
this algorithm
Could you try
https://gist.github.com/ymnk/2318108#file-logger-java
on Java7 and Java8?
Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
We had a similar problem, though we are using java version 1.7
After upgrading java from version 1.7.0_55 to 1.7.0_71 the SFTP stopped
working with the exception mentioned; InvalidKeyException: Key is too long
for this algorithm.
We were using OpenJDK on CentOS 6
And trying to update the JCE extension did not help
But after changing to Oracle's Java JDK version 1.7.0_71 the problem was
resolved, even without the JCE extension.
I hope this can help

Loading...