You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/03/19 14:16:00 UTC

[jira] [Work logged] (SSHD-1105) Use all possible signatures for a public key type in public key authentication

     [ https://issues.apache.org/jira/browse/SSHD-1105?focusedWorklogId=568957&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-568957 ]

ASF GitHub Bot logged work on SSHD-1105:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 19/Mar/21 14:15
            Start Date: 19/Mar/21 14:15
    Worklog Time Spent: 10m 
      Work Description: tomaswolf opened a new pull request #183:
URL: https://github.com/apache/mina-sshd/pull/183


   Some keys (RSA) may have several signature algorithms (rsa-sha2-512,
   rsa-sha2-256, ssh-rsa). Try them all in the order defined and try
   the next key only if no attempt was successful.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 568957)
    Remaining Estimate: 0h
            Time Spent: 10m

> Use all possible signatures for a public key type in public key authentication
> ------------------------------------------------------------------------------
>
>                 Key: SSHD-1105
>                 URL: https://issues.apache.org/jira/browse/SSHD-1105
>             Project: MINA SSHD
>          Issue Type: Improvement
>    Affects Versions: 2.5.1
>            Reporter: Lyor Goldstein
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The current code iterates over the keys the user provided and then attempts to find a +single+ matching signature factory.  However, for some key types (e.g., RSA) there is more than one possible signature - e.g., {{ssh-rsa, rsa-sha2-256, rsa-sha2-512}}. The code should try +all+ matching signature factories in the same +order+ as the user defined them.
> {code:java|title=Pseudo code}
> for (KeyPair kp : userKeys) {
>     Collection<String> aliases = KeyUtils.getAllKeyTypeAliases(kp);
>     for (SignatureFactory factory : userSignatures) {
>           // NOTE: need to check how not to confuse ...-cert@openssh,com.. key type aliases
>           if (aliases.contains(factory.getName()) {
>                tryPublicKeyAuth(factory, kp);
>           }
>     }
> }
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org