Description
Key based authentication isn't working anymore. With Karaf 4.4.3 we had no problems.
To reproduce follow the manual https://karaf.apache.org/manual/latest/#_managing_authentication_by_key but replace "rsa" with "ecdsa" for the key creation:
ssh-keygen -t ecdsa -f karaf.id_rsa
sshd Log Karaf 4.4.4
2023-09-20T08:47:30,532 | DEBUG | sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey | 165 - org.apache.sshd.osgi - 2.10.0 | doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) verify key type=ecdsa-sha2-nistp256, factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ 2023-09-20T08:47:30,532 | DEBUG | sshd-SshServer[39ab90a6](port=8101)-nio2-thread-2 | UserAuthPublicKey | 165 - org.apache.sshd.osgi - 2.10.0 | doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:53738]) key type=ecdsa-sha2-nistp256, fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - authentication result: false
Same part of the log with Karaf 4.4.3
2023-09-20T09:04:26,979 | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey | 174 - org.apache.sshd.osgi - 2.9.2 | doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) verify key type=ecdsa-sha2-nistp256, factories=ssh-rsa,rsa-sha2-256,rsa-sha2-512,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ2023-09-20T09:04:26,979 | DEBUG | sshd-SshServer[64c0cbfc](port=8101)-nio2-thread-2 | UserAuthPublicKey | 174 - org.apache.sshd.osgi - 2.9.2 | doAuth(karaf2@ServerSessionImpl[null@/[0:0:0:0:0:0:0:1]:55857]) key type=ecdsa-sha2-nistp256, fingerprint=SHA256:ytAdBMtQ99Rk0YRk+nIERN+jg0tejbymaKnM5rvlfAQ - authentication result: true
Attachments
Issue Links
- relates to
-
KARAF-7698 Upgrade SSHD to 2.10.0
-
- Resolved
-