You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Thomas Wolf (Jira)" <ji...@apache.org> on 2022/06/25 14:19:00 UTC

[jira] [Resolved] (SSHD-1272) UserAuthPublicKey: uses ssh-rsa signatures for RSA keys from an agent

     [ https://issues.apache.org/jira/browse/SSHD-1272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thomas Wolf resolved SSHD-1272.
-------------------------------
    Fix Version/s: 2.9.0
       Resolution: Fixed

Fixed by commit [cb2cc8e78|https://github.com/apache/mina-sshd/commit/cb2cc8e78c5b94e58fe88dbd3867e40c618f86db].

> UserAuthPublicKey: uses ssh-rsa signatures for RSA keys from an agent
> ---------------------------------------------------------------------
>
>                 Key: SSHD-1272
>                 URL: https://issues.apache.org/jira/browse/SSHD-1272
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 2.8.0
>            Reporter: Thomas Wolf
>            Assignee: Thomas Wolf
>            Priority: Major
>             Fix For: 2.9.0
>
>
> [UserAuthPublicKey|https://github.com/apache/mina-sshd/blob/c876cce935f/sshd-core/src/main/java/org/apache/sshd/client/auth/pubkey/UserAuthPublicKey.java#L198] should fall back to {{session.getSignatureFactories()}} if none are available from the key or the {{UserAuthPublicKey}} instance itself.
> By default no factories are set on the {{UserAuthPublicKey}} instance, and {{KeyAgentIdentity}} objects are not {{SignatureFactoriesHolder}}s. So for keys from an agent, the key type is used as signature type: for RSA keys, this is "ssh-rsa", i.e., the deprecated SHA1 signature.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org