Evgeny Pasynkov created SSHD-1291: ------------------------------------- Summary: Protocol violation when using async PublicKey auth Key: SSHD-1291 URL: https://issues.apache.org/jira/browse/SSHD-1291 Project: MINA SSHD Issue Type: Bug Affects Versions: 2.9.0 Reporter: Evgeny Pasynkov
Hi. I've noticed that SSHD server violates RFC 4252 section 7 (https://www.rfc-editor.org/rfc/rfc4252#section-7) when using asynchronous public key auth (which means throwing AsyncAuthException() from PublickeyAuthenticator implementation. Part of the client log when using sync approach {code} debug1: Next authentication method: publickey debug1: Offering public key:xxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0 debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: xxxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0 debug3: sign_and_send_pubkey: using publickey with RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0 debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0 debug3: send packet: type 50 debug3: receive packet: type 52 Authenticated to localhost ([::1]:2224) using "publickey". {code} when using "async" approach: {code} debug1: Next authentication method: publickey debug1: Offering public key: xxxxxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0 debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 52 Authenticated to localhost ([::1]:2224) using "publickey". {code} Please note that mandatory packet SSH_MSG_USERAUTH_PK_OK is missing. Though standard client tolerates this difference (at least OpenSSH_9.0p1), not all of them do this. Jsch failed to establish session -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org