locked
DH 2048 key length exchange is failing with powerShell v6 RRS feed

  • Question


  • I am trying to connect to Exchange server through PowerShell server v6 from our application using JSCH library.

    [9/10/2020 4:21 AM] [7360] SSH Status: Sending local version: "SSH-2.0-PowerShell Server V6 - www.nsoftware.com".
    [9/10/2020 4:21 AM] [7360] SSH Status: Read remote version string: "SSH-2.0-JSCH-0.1.54".
    [9/10/2020 4:21 AM] [7360] SSH Status: Beginning key exchange.
    [9/10/2020 4:21 AM] [7360] SSH Status: Preparing algorithm negotiation.
    [9/10/2020 4:21 AM] [7360] SSH Status: Sending local enabled algorithm list.
    [9/10/2020 4:21 AM] [7360] SSH Status: Reading remote enabled algorithm list.
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected key exchange algorithm "diffie-hellman-group-exchange-sha256".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected server host key algorithm "ssh-rsa".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected client encryption algorithm "3des-cbc".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected server encryption algorithm "3des-cbc".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected client MAC algorithm "hmac-md5".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected server MAC algorithm "hmac-md5".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected client compression algorithm "none".
    [9/10/2020 4:21 AM] [7360] SSH Status: Selected server compression algorithm "none".
    [9/10/2020 4:21 AM] [7360] SSH Status: Algorithm negotiation complete.
    [9/10/2020 4:21 AM] [7360] SSH Status: Received Diffie-Hellman group exchange request (1024<1024<1024).
    [9/10/2020 4:21 AM] [7360] SSH Status: Sending Diffie-Hellman group exchange init message. Server selected safe prime with order of 1024 bits.
    [9/10/2020 4:21 AM] [7360] SSH Status: Disconnected: [3] java.security.InvalidAlgorithmParameterException: Accepted DH prime length is 2048 or higher
    [9/10/2020 4:21 AM] [7360] Client 35336 disconnected.

    As you can see the keylength is 1024 and hence it fails.

    How do i configure the server to accept 2048 and above key length.

    Friday, September 11, 2020 8:55 AM