Hi Anthony Good catch. A simple workaround is to update bc bundles in the system repo and update the features (a little painful but do-able). I will fix that for 4.4.6 (I will create a Jira).
Thanks ! Regards JB On Thu, Mar 21, 2024 at 2:45 AM Anthony Wood <anth...@quietwoods.net> wrote: > > Hi, > > There seems to be a mismatch between the requirements of sshd-osgi 2.11.0 > (via the ‘ssh’ feature) and the version of bouncycastle in Karaf 4.4.5, which > is 1.75: > > sshd-osgi 2.11.0 imports: > org.bouncycastle.asn1.pkcs {version=[1.76,2), > resolution:=optional} > org.bouncycastle.crypto.prng {version=[1.76,2), > resolution:=optional} > org.bouncycastle.jce.provider {version=[1.76,2), > resolution:=optional} > org.bouncycastle.openssl {version=[1.76,2), > resolution:=optional} > org.bouncycastle.openssl.jcajce {version=[1.76,2), > resolution:=optional} > org.bouncycastle.operator {version=[1.76,2), > resolution:=optional} > org.bouncycastle.pkcs {version=[1.76,2), > resolution:=optional} > org.bouncycastle.pkcs.jcajce {version=[1.76,2), > resolution:=optional} > > Bouncycastle jars included in karaf 4.4.5: > > apache-karaf-4.4.5/system/org/bouncycastle/bcprov-jdk18on/1.75/bcprov-jdk18on-1.75.jar > apache-karaf-4.4.5/system/org/bouncycastle/bcutil-jdk18on/1.75/bcutil-jdk18on-1.75.jar > apache-karaf-4.4.5/system/org/bouncycastle/bcpkix-jdk18on/1.75/bcpkix-jdk18on-1.75.jar > > The result is that an RSA host key cannot be generated due to: > NoClassDefFoundError for org/bouncycastle/openssl/jcajce/JcaPEMWriter, even > when bcpkix-jdk18on 1.75 is installed by the feature. > > We have worked around it by overriding the feature, but it would be great for > this to be addressed in a 4.4.6 release. > > Thanks, > Anthony