[jira] [Resolved] (KARAF-7753) Key authentication doesn't work with ecdsa keys

Wed, 03 Jan 2024 06:34:22 -0800 


     [ 
https://issues.apache.org/jira/browse/KARAF-7753?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jean-Baptiste Onofré resolved KARAF-7753.
-----------------------------------------
    Fix Version/s: 4.5.0
                   4.4.5
       Resolution: Fixed

> Key authentication doesn't work with ecdsa keys
> -----------------------------------------------
>
>                 Key: KARAF-7753
>                 URL: https://issues.apache.org/jira/browse/KARAF-7753
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.4.4
>            Reporter: Andre Schlegel-Tylla
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>             Fix For: 4.5.0, 4.4.5
>
>
> Key based authentication isn't working anymore. With Karaf 4.4.3 we had no 
> problems.
>  
> To reproduce follow the manual 
> [https://karaf.apache.org/manual/latest/#_managing_authentication_by_key] but 
> replace "rsa" with "ecdsa" for the key creation:
> {code:java}
> ssh-keygen -t ecdsa -f karaf.id_rsa{code}
>  
>  
> sshd Log Karaf 4.4.4
> {code:java}
> 2023-09-20T08:47:30,532 | DEBUG | 
> sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 165 - org.apache.sshd.osgi - 2.10.0 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) verify key 
> type=ecdsa-sha2-nistp256, 
> factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
>  fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ
> 2023-09-20T08:47:30,532 | DEBUG | 
> sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 165 - org.apache.sshd.osgi - 2.10.0 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) key 
> type=ecdsa-sha2-nistp256, 
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - 
> authentication result: false {code}
> Same part of the log with Karaf 4.4.3
> {code:java}
> 2023-09-20T09:04:26,979 | DEBUG | 
> sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 174 - org.apache.sshd.osgi - 2.9.2 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) verify key 
> type=ecdsa-sha2-nistp256, 
> factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
>  
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ2023-09-20T09:04:26,979
>  | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | 
> UserAuthPublicKey                | 174 - org.apache.sshd.osgi - 2.9.2 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) key 
> type=ecdsa-sha2-nistp256, 
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - 
> authentication result: true {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to