Uploaded image for project: 'MINA SSHD'
  1. MINA SSHD
  2. SSHD-1105

Use all possible signatures for a public key type in public key authentication

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.5.1
    • 2.7.0
    • None

    Description

      The current code iterates over the keys the user provided and then attempts to find a single matching signature factory. However, for some key types (e.g., RSA) there is more than one possible signature - e.g., ssh-rsa, rsa-sha2-256, rsa-sha2-512. The code should try all matching signature factories in the same order as the user defined them.

      Pseudo code
      for (KeyPair kp : userKeys) {
          Collection<String> aliases = KeyUtils.getAllKeyTypeAliases(kp);
          for (SignatureFactory factory : userSignatures) {
                // NOTE: need to check how not to confuse ...-cert@openssh,com.. key type aliases
                if (aliases.contains(factory.getName()) {
                     tryPublicKeyAuth(factory, kp);
                }
          }
      }
      

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            twolf Thomas Wolf
            lgoldstein Lyor Goldstein
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1h 40m
                1h 40m

                Slack

                  Issue deployment