Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.8
    • Fix Version/s: 2.12
    • Component/s: wagon-ssh
    • Labels:
      None
    • Flags:
      Patch

      Description

      Currently, when adding new fingerprints the whole known_hosts file is rewritten from the loaded fingerprints.
      But only fingerprints with a compatible algorithm (from jsch point of view) are kept: for example, all "ecdsa-sha2-nistp256" are lost!

        Issue Links

          Activity

          Hide
          marob Maxime Robert added a comment -
          Show
          marob Maxime Robert added a comment - Pull request: https://github.com/apache/maven-wagon/pull/16
          Show
          dantran Dan Tran added a comment - fixed at https://git1-us-west.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=0eed00cf
          Hide
          mirabilos Thorsten Glaser added a comment -

          Or, as a workaround, put this…

          Host *
              VisualHostKey no
              HashKnownHosts no
              HostKeyAlgorithms ssh-rsa
          

          … in /etc/ssh/ssh_config right from the start.
          It’s better anyway, IMHO.

          Show
          mirabilos Thorsten Glaser added a comment - Or, as a workaround, put this… Host * VisualHostKey no HashKnownHosts no HostKeyAlgorithms ssh-rsa … in /etc/ssh/ssh_config right from the start. It’s better anyway, IMHO.

            People

            • Assignee:
              dantran Dan Tran
              Reporter:
              marob Maxime Robert
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development