Java: InvalidAlgorithmParameterException Prime size must be multiple of 64

Question

I implemented a Java program that will connect and execute a command in a remote server using JSCH. The problem is that whenever I tried to connect to the server, I got the

Answer 1

I didn't have the benefit of switching to Ganymed, so I installed the "Bouncy Castle" libraries to replace the security on the JVM. For some reason the Java 8 JVM still does not allow for security keys to be larger than 1024 in length.

1. Download the jar files from https://www.bouncycastle.org/latest_releases.html (look for jar files that start with 'bcprov-jdk')

2. Place the jar files under $JAVA_HOME/jre/lib/ext

3. Edit the java.security file located in $JAVA_HOME/jre/lib/security
4. Scroll down past the middle of the file and you will find a numbered list of security providers (around 9 or 8). Place a comment for the line of the seecond provider (with a #)

5. Replace the commented line with this:

   security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider

6. Restart what you must, and try again.

I'm baffled as to why we need to hack the JDK this way. It doesn't inspire a lot of confidence to anybody I mentioned it at work. But since there is poor documentation (or education) on anything relating to security we are treating it as a 'temporary' fix.