[
https://issues.apache.org/jira/browse/SSHD-759?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16113004#comment-16113004
]
Goldstein Lyor commented on SSHD-759:
-------------------------------------
Your (server) code should not automatically generate and save its keys. IMO,
the correct process is:
* Generate server keys *externally* - e.g., via {{ssh-keygen}}
* Store the keys in some "known" location for your server code
* Use the existing code for loading the above generated keys when you set up
the server (and before _start()_-ing it).
See also [Embedding an SSHD server instance in 5
minutes|https://github.com/apache/mina-sshd/]
Like I said, this special class is for quick prototyping and unit-test code -
not suitable for production.
> Should not overwrite existing ssh key if the algorithm does not match
> ---------------------------------------------------------------------
>
> Key: SSHD-759
> URL: https://issues.apache.org/jira/browse/SSHD-759
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.4.0
> Reporter: Christian Schneider
>
> Currently a key file that does not have the correct algorithm is simply
> deleted.
> I think this is not a good behaviour as the user might have created the key
> explicitly.
> https://github.com/apache/mina-sshd/blob/master/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/AbstractGeneratorHostKeyProvider.java#L238-L244
> I propose we simply throw an exception if the algorithm does not match. Then
> the user can decide if he wants to delete the file or change the algorithm.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
