[ https://issues.apache.org/jira/browse/KARAF-7753?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17802200#comment-17802200 ]
Jean-Baptiste Onofré commented on KARAF-7753: --------------------------------------------- I have an issue with ecdsa on Karaf 4.4.4 but not with the same trace. However, it works with Karaf 4.4.5-SNAPSHOT which has been upgraded to use sshd 2.11.0. Which client are you using ? I'm closing this Jira as it works for me on Karaf 4.4.5-SNAPSHOT. Please reopen if you have the same issue on Karaf 4.4.5 (when the release will be available). > Key authentication doesn't work with ecdsa keys > ----------------------------------------------- > > Key: KARAF-7753 > URL: https://issues.apache.org/jira/browse/KARAF-7753 > Project: Karaf > Issue Type: Bug > Components: karaf > Affects Versions: 4.4.4 > Reporter: Andre Schlegel-Tylla > Assignee: Jean-Baptiste Onofré > Priority: Major > > Key based authentication isn't working anymore. With Karaf 4.4.3 we had no > problems. > > To reproduce follow the manual > [https://karaf.apache.org/manual/latest/#_managing_authentication_by_key] but > replace "rsa" with "ecdsa" for the key creation: > {code:java} > ssh-keygen -t ecdsa -f karaf.id_rsa{code} > > > sshd Log Karaf 4.4.4 > {code:java} > 2023-09-20T08:47:30,532 | DEBUG | > sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey > | 165 - org.apache.sshd.osgi - 2.10.0 | > doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) verify key > type=ecdsa-sha2-nistp256, > factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, > fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ > 2023-09-20T08:47:30,532 | DEBUG | > sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey > | 165 - org.apache.sshd.osgi - 2.10.0 | > doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) key > type=ecdsa-sha2-nistp256, > fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - > authentication result: false {code} > Same part of the log with Karaf 4.4.3 > {code:java} > 2023-09-20T09:04:26,979 | DEBUG | > sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey > | 174 - org.apache.sshd.osgi - 2.9.2 | > doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) verify key > type=ecdsa-sha2-nistp256, > factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, > > fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ2023-09-20T09:04:26,979 > | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | > UserAuthPublicKey | 174 - org.apache.sshd.osgi - 2.9.2 | > doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) key > type=ecdsa-sha2-nistp256, > fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - > authentication result: true {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)