Support Questions

Oleksandr_Solom · ‎07-05-2017

Remote host - Solaris 10 10/09 s10s_u8wos_08a SPARC

2017-07-05 14:46:05,149 ERROR [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.ListSFTP ListSFTP[id=6259363b-17b8-121f-a829-30be1aade258] Failed to perform listing on remote host due to java.io.IOException: Failed to obtain connection to remote host due to com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidAlgorithmParameterException: DH key size must be multiple of 64, and can only range from 512 to 4096 (inclusive). The specific key size 2047 is not supported 2017-07-05 14:46:05,150 ERROR [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.ListSFTP java.io.IOException: Failed to obtain connection to remote host due to com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidAlgorithmParameterException: DH key size must be multiple of 64, and can only range from 512 to 4096 (inclusive). The specific key size 2047 is not supported at org.apache.nifi.processors.standard.util.SFTPTransfer.getChannel(SFTPTransfer.java:447) ~[nifi-standard-processors-1.1.1.jar:1.1.1] at org.apache.nifi.processors.standard.util.SFTPTransfer.getListing(SFTPTransfer.java:184) ~[nifi-standard-processors-1.1.1.jar:1.1.1] at org.apache.nifi.processors.standard.util.SFTPTransfer.getListing(SFTPTransfer.java:148) ~[nifi-standard-processors-1.1.1.jar:1.1.1] at org.apache.nifi.processors.standard.ListFileTransfer.performListing(ListFileTransfer.java:103) ~[nifi-standard-processors-1.1.1.jar:1.1.1] at org.apache.nifi.processors.standard.AbstractListProcessor.onTrigger(AbstractListProcessor.java:341) ~[nifi-standard-processors-1.1.1.jar:1.1.1] at org.apache.nifi.processor.AbstractProcessor.onTrigger(AbstractProcessor.java:27) [nifi-api-1.1.1.jar:1.1.1] at org.apache.nifi.controller.StandardProcessorNode.onTrigger(StandardProcessorNode.java:1099) [nifi-framework-core-1.1.1.jar:1.1.1] at org.apache.nifi.controller.tasks.ContinuallyRunProcessorTask.call(ContinuallyRunProcessorTask.java:136) [nifi-framework-core-1.1.1.jar:1.1.1] at org.apache.nifi.controller.tasks.ContinuallyRunProcessorTask.call(ContinuallyRunProcessorTask.java:47) [nifi-framework-core-1.1.1.jar:1.1.1] at org.apache.nifi.controller.scheduling.TimerDrivenSchedulingAgent$1.run(TimerDrivenSchedulingAgent.java:132) [nifi-framework-core-1.1.1.jar:1.1.1] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_121] at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [na:1.8.0_121] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_121] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [na:1.8.0_121] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121] Caused by: com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidAlgorithmParameterException: DH key size must be multiple of 64, and can only range from 512 to 4096 (inclusive). The specific key size 2047 is not supported at com.jcraft.jsch.Session.connect(Session.java:565) ~[jsch-0.1.54.jar:na] at com.jcraft.jsch.Session.connect(Session.java:183) ~[jsch-0.1.54.jar:na] at org.apache.nifi.processors.standard.util.SFTPTransfer.getChannel(SFTPTransfer.java:433) ~[nifi-standard-processors-1.1.1.jar:1.1.1] ... 16 common frames omitted

pvillard · ‎07-05-2017

Hi @Oleksandr Solomko,

If you are using Oracle JDK, I think that you need to install JCE files to have unlimited strength on the key size.

http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

EDIT: Actually it seems to be a little bit more complex:

https://stackoverflow.com/questions/36298394/java-invalidalgorithmparameterexception-prime-size-must...

Oleksandr_Solom · ‎07-05-2017

ls /usr/jdk64/jdk1.8.0_77/jre/lib/security/

blacklist

cacerts

java.security

local_policy.jar

trusted.libraries

blacklisted.certs

java.policy

javaws.policy

README.txt

US_export_policy.jar

java -version openjdk version "1.8.0_121" OpenJDK Runtime Environment (build 1.8.0_121-b13) OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)

amolazambare · ‎05-01-2018

Hi @Oleksandr Solomko,

We are also getting the below error (ListSFTP Failed to obtain connection to remote host)

Failed to obtain connection to remote host due to com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidAlgorithmParameterException: DH key size must be multiple of 64, and can only range from 512 to 8192 (inclusive). The specific key size 2047 is not supported

We are using openjdk. Can you please confirm if the above fix works for openjdk?

openjdk version "1.8.0_121" OpenJDK Runtime Environment (build 1.8.0_121-b13) OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)