https://bugs.kde.org/show_bug.cgi?id=398574
Bug ID: 398574
Summary: KIO SFTP doesn't connect to some (ecdsa-sha2-nistp256
key) hosts with libssh 0.8
Product: kio-extras
Version: 18.08.1
Platform: openSUSE RPMs
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: SFTP
Assignee: plasma-b...@kde.org
Reporter: w01dn...@gmail.com
Target Milestone: ---
After update of libssh to 0.8.2 KIO SFTP stopped to connect to hosts with known
ecdsa-sha2-nistp256 keys, while `ssh` and KIO FISH work fine.
KIO SFTP fails with error
"The host key for this server was not found, but another type of key
exists. An attacker might change the default server key to confuse your client
into thinking the key does not exist. Please contact your system
administrator."
One of servers has ecdsa-sha2-nistp256 key but still works.
I've looked into code and found that kio_sftp in sftpProtocol::openConnection()
calls
```
rc = ssh_get_publickey_hash(srv_pubkey,
SSH_PUBLICKEY_HASH_SHA1,
&hash,
&hlen);
```
I think that worked fine with 0.7.5 which had only SSH_PUBLICKEY_HASH_SHA1 and
SSH_PUBLICKEY_HASH_MD5 cases in switch.
But 0.8.2 also has SSH_PUBLICKEY_HASH_SHA256.
BTW, called after that ssh_is_server_known is deprecated.
--
You are receiving this mail because:
You are watching all bug changes.
