tomaswolf opened a new pull request, #809: URL: https://github.com/apache/mina-sshd/pull/809
Respect server-side attributes that may be set in an `authorized_keys` file: `no-touch-required` and `verify-required`. These flags exist _only_ server-side; the public keys received in an SSH_MSG_USERAUTH packet do not have them. * Ensure that we do _not_ consider these flags when matching public keys received against the `authorited_keys` file. * Ensure that for signature verification, we _do_ use a key that does carry these flags (i.e., created from the matching `AuthorizedKeyEntry`) so that we can properly check the flags in the signature. Also throw an exception if there is bogus trailing data after the signature in the packet. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org