Thomas Wolf created SSHD-1218:
---------------------------------
Summary: Pubkey auth: keys from ssh-agent are used even if
HostConfigEntry.isIdentitiesOnly() is true
Key: SSHD-1218
URL: https://issues.apache.org/jira/browse/SSHD-1218
Project: MINA SSHD
Issue Type: Bug
Affects Versions: 2.7.0
Reporter: Thomas Wolf
{{UserAuthPublicKeyIterator}} unconditionally includes keys from the SSH agent
if there is an {{SshAgentFactory}}. This should be done only if
{{!HostConfigEntry.isIdentitiesOnly()}}.
Also, there is a completely superfluous requirement that the SshAgentFactory
return a non-null {{SshAgent}} in that iterator.
{{UserAuthPublicKeyIterator.initializeAgentIdentities()}} could just return
{{null}} in that case.
Furthermore it would be useful if the session was passed through to
{{SshAgentFactory.createAgent()}}.
Finally, the ordering of keys from different sources seems to be strange. Agent
keys always come first, then the session keys. The session keys are the ones
set explicitly, plus then the default keys. So the order is <agent, explicit,
default>. I think this should be <explicit, agent, default>.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
