Posted to dev@mina.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2022/12/14 13:03:00 UTC

[jira] [Resolved] (SSHD-1314) OpenSSHKeyPairProvider is not able to load SimpleKey

     [ https://issues.apache.org/jira/browse/SSHD-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré resolved SSHD-1314.
----------------------------------------
    Resolution: Not A Problem

I changed the code in Karaf to use {{SimpleGeneratorHostKeyProvider}} instead of Java serialization.

> OpenSSHKeyPairProvider is not able to load SimpleKey
> ----------------------------------------------------
>
>                 Key: SSHD-1314
>                 URL: https://issues.apache.org/jira/browse/SSHD-1314
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 2.9.2
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Thomas Wolf
>            Priority: Major
>
> Since this commit:
> {code:java}
> commit 5a8fe830b2a2308a2b24ac8115a391af477f64f5
> Author: Thomas Wolf <tw...@apache.org>
> Date:   Sat Nov 5 21:00:40 2022 +0100
>
>     Better file handling for host keys
>
>     Store host keys in the OpenSSH format. This makes it possible to use
>     EdDSA host keys. Also set file permissions and read legacy files more
>     carefully.
>
>  .../AbstractGeneratorHostKeyProvider.java          |  88 ++++++++++++++---
>  .../SimpleGeneratorHostKeyProvider.java            | 109 ++++++++++++++++++---
>  .../SimpleGeneratorHostKeyProviderTest.java        |  26 ++++-
>  3 files changed, 194 insertions(+), 29 deletions(-)
>  {code}
> it's not possible to "convert" a simple key to an SSH key.
>  
> Basically, the following code worked with sshd 2.9.1:
> {code:java}
> File privateKeyTemp = File.createTempFile(this.getClass().getCanonicalName(), ".priv");
> privateKeyTemp.deleteOnExit();
> File publicKeyTemp = File.createTempFile(this.getClass().getCanonicalName(), ".pub");
> publicKeyTemp.deleteOnExit();
> SimpleGeneratorHostKeyProvider simpleGenerator = new SimpleGeneratorHostKeyProvider(privateKeyTemp.toPath());
> simpleGenerator.setKeySize(2048);
> simpleGenerator.setAlgorithm("DSA");
> List<KeyPair> keys = simpleGenerator.loadKeys(null);
> KeyPair simpleKeyPair = keys.stream().findFirst().get();
> Assert.assertEquals("DSA", simpleKeyPair.getPrivate().getAlgorithm());
> OpenSSHKeyPairProvider provider =
>     new OpenSSHKeyPairProvider(privateKeyTemp.toPath(), publicKeyTemp.toPath(), "DSA", 2048, null);
> KeyPair convertedKeyPair = provider.loadKeys(null).iterator().next();
> Assert.assertEquals("DSA", convertedKeyPair.getPrivate().getAlgorithm());
> Assert.assertArrayEquals(simpleKeyPair.getPrivate().getEncoded(), convertedKeyPair.getPrivate().getEncoded());
> Assert.assertArrayEquals(simpleKeyPair.getPublic().getEncoded(), convertedKeyPair.getPublic().getEncoded());
> // also test that the original file has been replaced
> KeyPair keyPair = KeyPairLoader.getKeyPair(Files.newInputStream(privateKeyTemp.toPath()));
> Assert.assertArrayEquals(simpleKeyPair.getPrivate().getEncoded(), keyPair.getPrivate().getEncoded());
> {code}
> but it fails now with sshd 2.9.2 with:
> {code:java}
>  INFO: generateKeyPair(DSA) generating host key - size=2048
> Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
> WARNING: Failed to parse keypair in /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv. Attempting to parse it 'directly'
> Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
> WARNING: Failed to parse keypair in /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv. Attempting to parse it as a legacy 'simple' key
> Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
> WARNING: /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv is not a 'simple' key either
> {code}
> because we reach the last try in the {{loadKeys()}} method.
> I will work on a fix.
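
Added example, not part of the original message and not MINA SSHD or Karaf code: a loader that tries several host key formats in turn, as in the log above, can first classify the file by its leading bytes instead of handing it to each parser. It assumes the legacy 'simple' file is a Java serialization stream (magic bytes AC ED 00 05); the class and method names are hypothetical and the sample files are constructed.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

// Hypothetical helper, not MINA SSHD or Karaf code.
public class HostKeyFormatProbe {

    enum Format { OPENSSH, OTHER_PEM, JAVA_SERIALIZED, UNKNOWN }

    // Classify a key file from its first bytes, without parsing or deserializing it.
    static Format classify(byte[] head) {
        // Assumption: a legacy 'simple' key is a Java serialization stream,
        // which always starts with magic 0xACED followed by version 0x0005.
        if (head.length >= 4 && (head[0] & 0xFF) == 0xAC && (head[1] & 0xFF) == 0xED
                && head[2] == 0x00 && head[3] == 0x05) {
            return Format.JAVA_SERIALIZED;
        }
        String text = new String(head, StandardCharsets.US_ASCII).stripLeading();
        if (text.startsWith("-----BEGIN OPENSSH PRIVATE KEY-----")) {
            return Format.OPENSSH;
        }
        if (text.startsWith("-----BEGIN ")) {
            return Format.OTHER_PEM; // e.g. PKCS#8 or a traditional PEM private key
        }
        return Format.UNKNOWN; // includes empty files
    }

    static Format probe(Path file) throws IOException {
        try (InputStream in = Files.newInputStream(file)) {
            return classify(in.readNBytes(64)); // the header is enough
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample files: only the headers are realistic.
        Path dir = Files.createTempDirectory("hostkey-probe");
        Path legacy = Files.write(dir.resolve("legacy.ser"),
                new byte[] {(byte) 0xAC, (byte) 0xED, 0x00, 0x05, 0x73, 0x72});
        Path openssh = Files.write(dir.resolve("openssh.key"),
                "-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed body)\n"
                        .getBytes(StandardCharsets.US_ASCII));
        Path empty = Files.createFile(dir.resolve("empty.priv"));

        System.out.println("legacy  -> " + probe(legacy));
        System.out.println("openssh -> " + probe(openssh));
        System.out.println("empty   -> " + probe(empty));
    }
}
```

Only a file classified as `JAVA_SERIALIZED` would need the legacy read path at all, so anything `UNKNOWN` can be rejected before an `ObjectInputStream` ever sees it.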


