[jira] [Created] (KARAF-7753) Key authentication doesn't work with ecdsa keys

Wed, 20 Sep 2023 07:57:00 -0700 

Andre Schlegel-Tylla created KARAF-7753:
-------------------------------------------

             Summary: Key authentication doesn't work with ecdsa keys
                 Key: KARAF-7753
                 URL: https://issues.apache.org/jira/browse/KARAF-7753
             Project: Karaf
          Issue Type: Bug
          Components: karaf
    Affects Versions: 4.4.4
            Reporter: Andre Schlegel-Tylla


Key based authentication isn't working anymore. With Karaf 4.4.3 we had no 
problems.

 

To reproduce follow the manual 
[https://karaf.apache.org/manual/latest/#_managing_authentication_by_key] but 
replace "rsa" with "ecdsa" for the key creation:
{code:java}
ssh-keygen -t ecdsa -f karaf.id_rsa{code}
 

 

sshd Log Karaf 4.4.4
{code:java}
2023-09-20T08:47:30,532 | DEBUG | 
sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey           
     | 165 - org.apache.sshd.osgi - 2.10.0 | 
doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) verify key 
type=ecdsa-sha2-nistp256, 
factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
 fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ
2023-09-20T08:47:30,532 | DEBUG | 
sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey           
     | 165 - org.apache.sshd.osgi - 2.10.0 | 
doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) key 
type=ecdsa-sha2-nistp256, 
fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - authentication 
result: false {code}
Same part of the log with Karaf 4.4.3
{code:java}
2023-09-20T09:04:26,979 | DEBUG | 
sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey           
     | 174 - org.apache.sshd.osgi - 2.9.2 | 
doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) verify key 
type=ecdsa-sha2-nistp256, 
factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
 
fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ2023-09-20T09:04:26,979
 | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | 
UserAuthPublicKey                | 174 - org.apache.sshd.osgi - 2.9.2 | 
doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) key 
type=ecdsa-sha2-nistp256, 
fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - authentication 
result: true {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to