SSH authentication failed, Problem generating Diffie-Hellman initializaton values

Ntera
Tera Contributor

Apologies if the forum is not the correct one. We have an issue when one of the Data Sources that pulls data from the SFTP server is giving the error below:

com.glide.db.impex.datasource.DataSourceException: java.io.IOException: SSH authentication failed, Problem generating Diffie-Hellman initializaton values: java.security.InvalidAlgorithmParameterException: DH key size must be multiple of 64, and can only range from 512 to 8192 (inclusive). The specific key size 2070 is not supported
com.sun.crypto.provider.DHKeyPairGenerator.initialize(DHKeyPairGenerator.java:139)
java.security.KeyPairGenerator$Delegate.initialize(KeyPairGenerator.java:667)
java.security.KeyPairGenerator.initialize(KeyPairGenerator.java:411)
com.snc.ssh.kex.ADiffieHellmanKEX.phase1(ADiffieHellmanKEX.java:58)
com.snc.ssh.kex.DiffieHellmanGEX.setGroup(DiffieHellmanGEX.java:77)
com.snc.ssh.msgs.DiffieHellmanGEXGroupMsg.process(DiffieHellmanGEXGroupMsg.java:27)
com.snc.ssh.msgs.ReadMsg.deframeBinaryPacket(ReadMsg.java:113)
com.snc.ssh.msgs.ReadMsg.process(ReadMsg.java:63)
com.snc.ssh.SSHProtocolEngine.run(SSHProtocolEngine.java:106)
java.lang.Thread.run(Thread.java:748)

Any ideas what this is exactly and how/where to solve it i.e. on the instance or on the SFTP server side?

5 REPLIES

Jochen Pohle
ServiceNow Employee

Hi,

this is indeed not the best forum to post your question. Looking at the stack trace you could contact the Import/Export team at the Now Platform forum.

Hope they can help,

Jochen

Shane38
Tera Expert

Hi

We are experiencing the exact same problem. Did you find the solution yet?

Thanks

Shane

Anusha20
Tera Contributor

Did anybody find the solution for this issue?

It would be very helpful for us if any information is given.

Thank you

From the error message, it appears that the SFTP server is using a key of length 2070 for the Diffie-Hellman key exchange (part of the SSL/TLS protocol), but it *should* be a multiple of 64 (2112, for example). Since the key is the wrong length, ServiceNow is unable to complete the steps in the protocol.

You should try to access the SFTP server from the command line using a command like 'curl', which has a "-vvv" flag to give you verbose output that may provide you with more details about the problem. 

Has this datasource ever worked before? And if so, what was changed on the server since the last time it worked?

Frank
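
An added example, not part of any reply in this thread: the stack trace fails in `DiffieHellmanGEX.setGroup`, so the server-supplied group-exchange prime is what the Java client rejects. The sketch below applies the size rule quoted in the exception to every prime in a moduli-format file; it assumes the SFTP server keeps its group-exchange primes in an OpenSSH-style moduli file, and the function names and sample lines are constructed for illustration.

```python
# Added example: audit DH group-exchange primes against the size rule
# quoted in the exception text (multiple of 64, 512 to 8192 inclusive).
JDK_MIN_BITS, JDK_MAX_BITS, JDK_STEP = 512, 8192, 64


def dh_size_supported(bits):
    """True if a DH prime of this bit length passes the rule in the error."""
    return JDK_MIN_BITS <= bits <= JDK_MAX_BITS and bits % JDK_STEP == 0


def audit_moduli(text):
    """Return (line_no, bits, supported) for each prime in moduli-format text.

    Assumed line layout (OpenSSH moduli format):
    time type tests tries size generator modulus-hex
    The bit length is computed from the modulus itself, not the size column.
    """
    results = []
    for line_no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        fields = line.split()
        if len(fields) != 7:
            continue  # not a moduli entry
        try:
            modulus = int(fields[6], 16)
        except ValueError:
            continue  # modulus column is not hex
        bits = modulus.bit_length()
        results.append((line_no, bits, dh_size_supported(bits)))
    return results


def _sample_line(bits):
    # Constructed placeholder with the requested bit length, NOT a real prime.
    modulus = (1 << (bits - 1)) | 1
    return f"20240101000000 2 6 100 {bits - 1} 2 {modulus:X}"


# Constructed sample input: 2048-bit, 2070-bit (as in the error) and 4096-bit.
SAMPLE = "\n".join(
    ["# constructed sample", _sample_line(2048), _sample_line(2070), _sample_line(4096)]
)

if __name__ == "__main__":
    for line_no, bits, ok in audit_moduli(SAMPLE):
        status = "ok" if ok else "rejected by the Java client"
        print(f"line {line_no}: {bits} bits -> {status}")
```

To check a real server, pass the contents of its moduli file to `audit_moduli` instead of `SAMPLE`; any entry reported as unsupported can trigger the exception above when the server selects it.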