tomaswolf commented on issue #636:
URL: https://github.com/apache/mina-sshd/issues/636#issuecomment-2490305772

   Thanks for reporting this.
   
   The exception indicates that the line from the `known_hosts` file containing 
the unknown key type cannot be _parsed_. Indeed the parsing in `KnownHostEntry` 
is broken; it parses an `AuthorizedKeyEntry` but should parse only a 
`PublicKeyEntry`. (I agree that the exception message is exceptionally poor; 
moreover there are two different locations where an exception with that exact 
message is thrown, and the way the exception is then wrapped loses the causing 
stack trace.)
   
   Simply ignoring lines with unknown key types is not entirely correct, 
though. It may be fine if there is another host key recorded for the same host 
with a known key type, but if not, the behavior between "no host key registered 
at all" and "some host key other than the one gotten from the server 
registered" is subtly different in OpenSSH (depending on the setting of 
`StrictHostKeyChecking`).
   
   If one doesn't ignore such lines, one would then have to look at how these 
`KnownHostEntry` objects are used. IIRC the code actually creates a 
`PublicKey` from the line, and then compares that to the public key received 
from the server. I guess this logic should also be flipped around: serialize 
the host key received into this string format, and then just compare against 
the string from the `known_hosts` line. (And likewise for `authorized_keys`.)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
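
The string comparison suggested in the comment above, as an added example that is not part of the comment and not mina-sshd code. The class, enum and method names are hypothetical, the sample lines and key blobs are constructed, and it assumes the server's host key is at hand in its SSH wire encoding; hashed host names, host patterns and `@` marker lines are not handled.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;

public class KnownHostsStringCompare {
    enum Result { MATCH, MISMATCH, NO_ENTRY }

    // Compares the server's host key blob against raw known_hosts lines without
    // ever turning a line into a PublicKey, so unknown key types cannot fail parsing.
    static Result check(List<String> lines, String host, String keyType, byte[] keyBlob) {
        String received = Base64.getEncoder().encodeToString(keyBlob);
        boolean hostSeen = false;
        for (String raw : lines) {
            String line = raw.trim();
            if (line.isEmpty() || line.startsWith("#") || line.startsWith("@")) {
                continue; // comments and blank lines; marker lines are out of scope here
            }
            String[] f = line.split("\\s+");
            if (f.length < 3 || !List.of(f[0].split(",")).contains(host)) {
                continue; // malformed line, or an entry for a different host
            }
            hostSeen = true; // counts even if f[1] is a key type this client does not know
            if (f[1].equals(keyType) && f[2].equals(received)) {
                return Result.MATCH;
            }
        }
        // "Some other key registered" and "no key registered" stay distinguishable.
        return hostSeen ? Result.MISMATCH : Result.NO_ENTRY;
    }

    public static void main(String[] args) {
        // Constructed sample data: the blobs are placeholders, not real keys.
        byte[] serverKey = "constructed-ed25519-blob".getBytes(StandardCharsets.UTF_8);
        String b64 = Base64.getEncoder().encodeToString(serverKey);
        List<String> knownHosts = List.of(
                "# constructed known_hosts content",
                "alpha.example.org ssh-ed25519 " + b64 + " admin@laptop",
                "beta.example.org,192.0.2.10 made-up-key-type@example.org QUJDRA==");
        System.out.println(check(knownHosts, "alpha.example.org", "ssh-ed25519", serverKey));
        System.out.println(check(knownHosts, "beta.example.org", "ssh-ed25519", serverKey));
        System.out.println(check(knownHosts, "gamma.example.org", "ssh-ed25519", serverKey));
    }
}
```

The second lookup hits a host whose only recorded key has an unknown type: it is reported as a mismatch rather than as an unknown host, which is the distinction that matters for `StrictHostKeyChecking`.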

