[
https://issues.apache.org/jira/browse/SSHD-710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16028735#comment-16028735
]
Markus Woschank edited comment on SSHD-710 at 5/30/17 4:25 AM:
---------------------------------------------------------------
This is still an issue (at least for me with openssh 7.3 and 7.5).
After changing the following in OpenSSHEd25519PrivateKeyEntryDecoder
(sshd-1.5.0):
{quote}
EdDSAPrivateKeySpec keySpec = new EdDSAPrivateKeySpec(seed, params);
{quote}
to
{quote}
EdDSAPrivateKeySpec keySpec = new
EdDSAPrivateKeySpec(Arrays.copyOf(signature,signature.length/2), params);
{quote}
I'm able to connect. Seems that openssh is using the first part of the second
byte array as sk.
was (Author: pottedplant):
This is still an issue (at least for me with openssh 7.3 and 7.5).
After changing the following in OpenSSHEd25519PrivateKeyEntryDecoder
(sshd-1.5.0):
- EdDSAPrivateKeySpec keySpec = new EdDSAPrivateKeySpec(seed, params);
+ EdDSAPrivateKeySpec keySpec = new
EdDSAPrivateKeySpec(Arrays.copyOf(signature,signature.length/2), params);
I'm able to connect. Seems that openssh is using the first part of the second
byte array as sk.
> Cannot connect standard OpenSSH client/server using ed25519 keys
> ----------------------------------------------------------------
>
> Key: SSHD-710
> URL: https://issues.apache.org/jira/browse/SSHD-710
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 1.4.0
> Reporter: Goldstein Lyor
> Assignee: Goldstein Lyor
> Labels: security
>
> It seems that if the SSHD client is using an _ed25519_ identity or the SSHD
> server presents an _ed25519_ key, then the generated signature is wrong
> either when (client) public key authentication is executed or (server) KEX.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
