[jira] [Commented] (KARAF-7753) Key authentication doesn't work with ecdsa keys

Wed, 03 Jan 2024 06:33:04 -0800 


    [ 
https://issues.apache.org/jira/browse/KARAF-7753?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17802200#comment-17802200
 ] 

Jean-Baptiste Onofré commented on KARAF-7753:
---------------------------------------------

I have an issue with ecdsa on Karaf 4.4.4 but not with the same trace. However, 
it works with Karaf 4.4.5-SNAPSHOT which has been upgraded to use sshd 2.11.0.

Which client are you using ?

I'm closing this Jira as it works for me on Karaf 4.4.5-SNAPSHOT. Please reopen 
if you have the same issue on Karaf 4.4.5 (when the release will be available).

> Key authentication doesn't work with ecdsa keys
> -----------------------------------------------
>
>                 Key: KARAF-7753
>                 URL: https://issues.apache.org/jira/browse/KARAF-7753
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.4.4
>            Reporter: Andre Schlegel-Tylla
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Key based authentication isn't working anymore. With Karaf 4.4.3 we had no 
> problems.
>  
> To reproduce follow the manual 
> [https://karaf.apache.org/manual/latest/#_managing_authentication_by_key] but 
> replace "rsa" with "ecdsa" for the key creation:
> {code:java}
> ssh-keygen -t ecdsa -f karaf.id_rsa{code}
>  
>  
> sshd Log Karaf 4.4.4
> {code:java}
> 2023-09-20T08:47:30,532 | DEBUG | 
> sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 165 - org.apache.sshd.osgi - 2.10.0 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) verify key 
> type=ecdsa-sha2-nistp256, 
> factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
>  fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ
> 2023-09-20T08:47:30,532 | DEBUG | 
> sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 165 - org.apache.sshd.osgi - 2.10.0 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) key 
> type=ecdsa-sha2-nistp256, 
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - 
> authentication result: false {code}
> Same part of the log with Karaf 4.4.3
> {code:java}
> 2023-09-20T09:04:26,979 | DEBUG | 
> sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey         
>        | 174 - org.apache.sshd.osgi - 2.9.2 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) verify key 
> type=ecdsa-sha2-nistp256, 
> factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
>  
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ2023-09-20T09:04:26,979
>  | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | 
> UserAuthPublicKey                | 174 - org.apache.sshd.osgi - 2.9.2 | 
> doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) key 
> type=ecdsa-sha2-nistp256, 
> fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - 
> authentication result: true {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to