[
https://issues.apache.org/jira/browse/SSHD-984?focusedWorklogId=429940&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-429940
]
ASF GitHub Bot logged work on SSHD-984:
---------------------------------------
Author: ASF GitHub Bot
Created on: 03/May/20 15:23
Start Date: 03/May/20 15:23
Worklog Time Spent: 10m
Work Description: tomaswolf opened a new pull request #128:
URL: https://github.com/apache/mina-sshd/pull/128
Add support for writing keys in the modern OpenSSH key format using
the OpenBSD bcrypt KDF for writing passphrase-protected, encrypted
private keys.
Add a new OpenSSHKeyPairResourceWriter using a specialized
OpenSSHKeyEncryptionContext to make the number of KDF rounds
configurable and to have the passphrase as a char[] instead of as a
String. Introduce a new SecureByteArrayOutputStream.
Includes test cases that generate various keys, write them to files,
and load them again. Since this only tests that Apache MINA sshd can
work with these keys, I've also manually verified that command-line
OpenSSH can use keys generated and written by Java to actually connect
to an SSH server.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 429940)
Remaining Estimate: 0h
Time Spent: 10m
> Utility method to export KeyPair in OpenSSH format
> --------------------------------------------------
>
> Key: SSHD-984
> URL: https://issues.apache.org/jira/browse/SSHD-984
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 2.4.0
> Reporter: David Ostrovsky
> Priority: Minor
> Attachments: sshd_key_writing.zip
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> There are ongoing efforts in Gerrit Code Review and JGit projects to remove
> dependency on JSch library: [1], [2]. Instead, MINA SSSD should be used on
> both: client and server sides.
> One difficulty we are facing is the fact the MINA SSHD currently doesn't
> provide any means to export generated KeyPair in OpenSSH format.
> Thomas Wolf added recently the ability to read encrypted OpenSSH private keys
> in context of SSHD-708.
> With JSch this code would do the job:
> {code:java}
> public static com.jcraft.jsch.KeyPair genSshKey() throws JSchException {
> JSch jsch = new JSch();
> return KeyPair.genKeyPair(jsch, KeyPair.ECDSA, 256);
> }
> public static String publicKey(com.jcraft.jsch.KeyPair sshKey, @Nullable
> String comment)
> throws UnsupportedEncodingException {
> ByteArrayOutputStream out = new ByteArrayOutputStream();
> sshKey.writePublicKey(out, comment);
> return out.toString(US_ASCII.name()).trim();
> }
> public static byte[] privateKey(com.jcraft.jsch.KeyPair keyPair) {
> ByteArrayOutputStream out = new ByteArrayOutputStream();
> keyPair.writePrivateKey(out);
> return out.toByteArray();
> }
> {code}
> [1] [https://bugs.eclipse.org/bugs/show_bug.cgi?id=540727]
> [2] [https://bugs.chromium.org/p/gerrit/issues/detail?id=12599]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
