有类似的问题。
一些带有SSH的遗留系统（开放式VMS），它实现了带有2048位密钥的SHA-1。
不确定它是否是一个jsch错误，或者是一个错误的ssh实现。
我还必须使用java 8，因为我使用javafx 8功能。
任何方式，为了解决这个问题，我得到了openjdk代码并滥用了代码：

had a similar problem. some legacy system (open VMS) with SSH that implemented SHA-1 with 2048 bit keys. not sure yet if it's a jsch bug, or a wrong ssh implementation. i also had to work with java 8 since i use javafx 8 features. any way, in order to work around this i got the openjdk code and abused the code like so:

sun.security.provider.DSA.java ...
@Override
    protected void checkKey(DSAParams params) throws InvalidKeyException {
        int valueL = params.getP().bitLength();
     // comment out this check since it only 
     // enforces the protocol and doesn't break the functionality
     // if (valueL > 1024) {
     //    throw new InvalidKeyException("Key is too long for this algorithm");
     // }
    }

编译它并使用-Xbootclasspath / p选项激活它。
我知道这是不好的做法，但修复服务器不是一个选择，修复jsch可能是一项大任务。
欢迎你为此谴责我。

compiled it and used -Xbootclasspath/p option to activate it. i know this is bad practice, but fixing the server is not an option, and fixing jsch might be a big task. you're welcome to condemn me for this.