Description
It seems that with KARAF-5286 support for the 'simple' host key format was removed.
If one tries to connect to a karaf instance that still has a 'simple' host.key, it produces this exception:
org.apache.commons.ssl.ProbablyNotPKCS8Exception: asn1 parse failure: java.io.IOException: DER length more than 4 bytes
It seems that in this case the SSH server generates a new key in memory without persisting it which means that on each start the client will see a new SSH fingerprint.
I would like to submit a pull request that falls back to the old format in case the file is not a valid PEM. If that's successful it would replace the host.key with a PEM version of that keypair.
Attachments
Issue Links
- links to