[jira] [Commented] (SSHD-1149) Allow every algorithm in PEM hostkey (old behaviour)

Thu, 01 Apr 2021 07:48:06 -0700 


    [ 
https://issues.apache.org/jira/browse/SSHD-1149?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17313216#comment-17313216
 ] 

Lyor Goldstein commented on SSHD-1149:
--------------------------------------

{quote}
Can you change the behaviour back to where the specified algorithm was only 
used to create new hostkeys?
{quote}
I don't think so - there are good reasons why we changed the behavior
{quote}
The old class loaded every hostkey, so we could change the algorithm used by 
replacing the hostkey file. 
{quote}
This is why we changed it.
{quote}
If the hostkey file contains a valid key, but not the algorithm set for server, 
the file will be overwritten even with setOverwriteAllowed(false).
{quote}
I will look into it - anyway, these classes are not intended for runtime usage. 
You are supposed to generate the host key file +externally+ and then use 
{{KeyPairProvider}}-s for the server setup.

> Allow every algorithm in PEM hostkey (old behaviour)
> ----------------------------------------------------
>
>                 Key: SSHD-1149
>                 URL: https://issues.apache.org/jira/browse/SSHD-1149
>             Project: MINA SSHD
>          Issue Type: Wish
>    Affects Versions: 2.3.0, 2.5.1
>            Reporter: Stefan Mueller
>            Priority: Major
>
> We upgraded SSHD and replaced PEMGeneratorHostKeyProvider with 
> BouncyCastleGeneratorHostKeyProvider. Now we realized that the behaviour is 
> different if the hostkey file exists. The old class loaded every hostkey, so 
> we could change the algorithm used by replacing the hostkey file. Now the set 
> algorithm will always be used.
> Can you change the behaviour back to where the specified algorithm was only 
> used to create new hostkeys?
> In case you do not change it, I found a bug in current behaviour:
> If the hostkey file contains a valid key, but not the algorithm set for 
> server, the file will be overwritten even with setOverwriteAllowed(false).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to