alex-sherwin opened a new pull request #194: URL: https://github.com/apache/mina-sshd/pull/194
Fully implements https://issues.apache.org/jira/browse/SSHD-1161 This PR covers using OpenSSH client certificate publickey authentication from the MINA client code It's unit tested against OpenSSH sshd using testcontainers OpenSSH client certificate publickey authentication is an extension to https://datatracker.ietf.org/doc/html/rfc4252#section-7 as defined in https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD It slightly modifies the existing MINA certkeys code, which was originally added to only support host certificates. The most significant change to the existing code was renaming the `OpenSshCertificate.getServerHostKey` function to `OpenSshCertificate.getCertPubKey`, as `getServerHostKey` was a confusing name since a `OpenSshCertificate` instance can be either a server host cert or client cert. The unit test covers the following client certificate types (which are all the types that current stable OpenSSH enables by default): * [email protected] * [email protected] * [email protected] * [email protected] * [email protected] * [email protected] -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
