Hi,

I'm trying to set up Apache MINA SSHD (version 2.7.0) with the SFTP feature. I
was trying to set up a simple public key authenticator that supports only EC
public keys.

My backend stores EC public keys generated using openssl, in a base64
encoded format.
Sample public key in the backend (ECDSA-256, prime256v1 curve):
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnVUXp+iVC3/Z5XxMlqU1r3AkUryBqyhkMDZ1oEx5ThSZNUF1QbSyaSYem8keQkUhlSB8Ib0Bkr0GaMzJ5RkVtw==

With the same public key, when I tried to login as SFTP user, I got the
public key in PublicKeyAuthenticator's authenticate() callback in a
different format:
MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wRAQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8AAAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBA0IABJ1VF6folQt/2eV8TJalNa9wJFK8gasoZDA2daBMeU4UmTVBdUG0smkmHpvJHkJFIZUgfCG9AZK9BmjMyeUZFbc=

Since the formats of the same public key are different, I'm not able to
compare the key got in MINA with the one in my backend.

However, after a few hours of experimenting, I was able to get the same
format as my backend with MINA SSHD version 1.6.0. I would like to be on
the latest version of Apache MINA project given the numerous features you
guys have created :)

Any help around what formats these are and how to convert between the two
would be very helpful.

SFTP command used for logging in:
sftp -P22 -i ecdsakey.pem user@localhost

OS: macOS Big Sur (11.3.1)
JDK:
openjdk version "1.8.0_242"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_242-b08)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.242-b08, mixed mode)

Commands used for generating EC key:
openssl req -x509 -nodes -days 3650 -newkey ec:<(openssl ecparam -name prime256v1) -keyout ecdsakey.pem -out ecdsacert.pem
openssl ec -in ecdsakey.pem -text -noout
openssl x509 -in ecdsacert.pem -text -noout
openssl x509 -noout -pubkey -in ecdsacert.pem

Thank you very much in advance.
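
An added example, not part of the original post and not MINA code: the backend value is an X.509 SubjectPublicKeyInfo that names the curve by OID, while the second value is the same structure with the curve parameters written out explicitly, so the bytes differ although the EC point is identical. The Java below compares on decoded curve parameters and point rather than on encoded bytes; the class and method names and the rebuilt stand-in key in `main` are assumptions for illustration, with `presented` standing for the key the authenticate() callback receives.

```java
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class EcKeyMatch {
    // Backend value from the post: SubjectPublicKeyInfo, curve given as a named-curve OID.
    static final String BACKEND_KEY =
        "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnVUXp+iVC3/Z5XxMlqU1r3AkUryBqyhkMDZ1oEx5ThSZNUF1QbSyaSYem8keQkUhlSB8Ib0Bkr0GaMzJ5RkVtw==";

    // Decode a base64 SubjectPublicKeyInfo into an EC public key object.
    static ECPublicKey decodeSpki(String base64) throws Exception {
        byte[] der = Base64.getDecoder().decode(base64);
        return (ECPublicKey) KeyFactory.getInstance("EC")
                .generatePublic(new X509EncodedKeySpec(der));
    }

    // Field, coefficients, generator, order and cofactor must all agree;
    // a matching point on a different curve is not the same key.
    static boolean sameParams(ECParameterSpec a, ECParameterSpec b) {
        return a.getCurve().equals(b.getCurve())
            && a.getGenerator().equals(b.getGenerator())
            && a.getOrder().equals(b.getOrder())
            && a.getCofactor() == b.getCofactor();
    }

    // True only when the presented key is EC and equals the stored key mathematically.
    static boolean matches(PublicKey presented, String backendBase64) throws Exception {
        if (!(presented instanceof ECPublicKey)) return false;
        ECPublicKey p = (ECPublicKey) presented;
        ECPublicKey stored = decodeSpki(backendBase64);
        return sameParams(p.getParams(), stored.getParams())
            && p.getW().equals(stored.getW());
    }

    public static void main(String[] args) throws Exception {
        ECPublicKey stored = decodeSpki(BACKEND_KEY);
        ECParameterSpec s = stored.getParams();
        // Constructed stand-in for the callback's key: same point, parameters rebuilt
        // from raw values instead of a curve name.
        ECParameterSpec rebuilt = new ECParameterSpec(
            s.getCurve(), s.getGenerator(), s.getOrder(), s.getCofactor());
        PublicKey presented = KeyFactory.getInstance("EC")
                .generatePublic(new ECPublicKeySpec(stored.getW(), rebuilt));
        System.out.println("match: " + matches(presented, BACKEND_KEY));
    }
}
```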
