You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Thomas Wolf (Jira)" <ji...@apache.org> on 2022/06/23 09:48:00 UTC

[jira] [Created] (SSHD-1272) UserAuthPublicKey: uses ssh-rsa signatures for RSA keys from an agent

Thomas Wolf created SSHD-1272:
---------------------------------

             Summary: UserAuthPublicKey: uses ssh-rsa signatures for RSA keys from an agent
                 Key: SSHD-1272
                 URL: https://issues.apache.org/jira/browse/SSHD-1272
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.8.0
            Reporter: Thomas Wolf


[UserAuthPublicKey|https://github.com/apache/mina-sshd/blob/c876cce935f/sshd-core/src/main/java/org/apache/sshd/client/auth/pubkey/UserAuthPublicKey.java#L198] should fall back to {{session.getSignatureFactories()}} if none are available from the key or the {{UserAuthPublicKey}} instance itself.

By default no factories are set on the {{UserAuthPublicKey}} instance, and {{KeyAgentIdentity}} objects are not {{SignatureFactoriesHolder}}s. So for keys from an agent, the key type is used as signature type: for RSA keys, this is "ssh-rsa", i.e., the deprecated SHA1 signature.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org