KB Article #182369

CERTIFICATES: RSA keys under 1024 bits are not usable for authentication

Problem

After upgrading to ST 5.5-20220728 (July 2022) or later, SSH Transfer Sites can no longer use RSA keys smaller than 1024 bits for authentication. When a Site is triggered, the following message is logged in the Server Log and Site processing is aborted:


RSA keys under 1024 bits are no longer supported for use in Authentication


Resolution

This issue is due to a limitation in the updated Maverick third-party library, included in the July 22 update. To work around this limitation and allow the use of sub-1024-bit keys, add the following line to the start_sshd and/or start_tm_console scripts:


JAVA_OPTS="-Dmaverick.disableRSARestrictions=true $JAVA_OPTS"


Alternatively, the same change can be made in $FILEDRIVEHOME/conf/STStartScriptsConfig as follows:


For SSH (affects clients connecting to ST)


SSH_JAVA_OPTS="-Dmaverick.disableRSARestrictions=true $SSH_JAVA_OPTS"


For TM (affects Transfer Sites making connections from ST to remote hosts)


TM_JAVA_OPTS="-Dmaverick.disableRSARestrictions=true $TM_JAVA_OPTS"


A restart of the respective service(s) is required to apply the changes.
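
To find which keys fall under the 1024-bit limit, and so need either replacement or the override above, the following added example (not part of the original article or of the product) reads the modulus size from OpenSSH-format public keys. It assumes the keys have been exported as plain one-line "ssh-rsa" public keys without option prefixes; the function names and the sample keys are constructed for illustration.

```python
import base64
import struct

MIN_RSA_BITS = 1024  # threshold named in the Server Log message

def read_string(blob, offset):
    """Read one RFC 4251 string: uint32 length, then that many bytes."""
    end = offset + 4
    if end > len(blob):
        raise ValueError("truncated length field")
    end += struct.unpack(">I", blob[offset:end])[0]
    if end > len(blob):
        raise ValueError("truncated field body")
    return blob[offset + 4:end], end

def rsa_bits(pubkey_line):
    """Modulus size in bits for a plain 'ssh-rsa' line; None for other key types."""
    fields = pubkey_line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        return None
    blob = base64.b64decode(fields[1], validate=True)
    key_type, off = read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type inside blob does not match the line prefix")
    _exponent, off = read_string(blob, off)
    modulus, _ = read_string(blob, off)
    return int.from_bytes(modulus, "big").bit_length()

def undersized(lines):
    """Return (comment, bits) for every RSA key below MIN_RSA_BITS."""
    hits = []
    for line in lines:
        bits = rsa_bits(line)
        if bits is not None and bits < MIN_RSA_BITS:
            hits.append((" ".join(line.split()[2:]), bits))
    return hits

def sample_line(bits, comment):
    """Constructed input: an integer of the right size, not a real RSA modulus."""
    def mpint(n):
        raw = n.to_bytes(n.bit_length() // 8 + 1, "big")  # leading 0x00 keeps it positive
        return struct.pack(">I", len(raw)) + raw
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

SAMPLE = [sample_line(768, "legacy-partner"), sample_line(2048, "current-partner"),
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5 other-key"]  # constructed, non-RSA line is skipped

if __name__ == "__main__":
    print(undersized(SAMPLE))
```

Replace SAMPLE with the lines of the exported public key file to audit real keys.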