tomaswolf commented on issue #682:
URL: https://github.com/apache/mina-sshd/issues/682#issuecomment-2705880673
BTW (and unrelated to this problem with Fortinet), this bit in your client
config may be problematic:
```
this.client.setSignatureFactories(
new ArrayList<>(NamedFactory.setUpBuiltinFactories(false,
BuiltinSignatures.VALUES)));
```
I think you'll get the order of algorithms as it is defined in the
BuiltinSignatures enum, with ssh-dss first, and with ssh-rsa before
rsa-sha2-512 or rsa-sha2-256. Especially the latter has been known to cause
trouble with some servers; see
[SSHD-1277](https://issues.apache.org/jira/browse/SSHD-1277). And this order is
bad anyway, the strongest algorithms should come first.
We provide a reasonable [default
order](https://github.com/apache/mina-sshd/blob/f826ec945a40/sshd-core/src/main/java/org/apache/sshd/common/BaseBuilder.java#L128)
out of the box; if you want to enable some deprecated signature algorithms
that are not included in that default list, add them at the end.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
