-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Server key did not validate when hashed known host entry is present #588
Comments
Found bug in SSHD client, it hashes the hostname only, ignoring the port. The bug can be workaround by creating a copy of KnownHostEntry.isHostMatch() and changing it to if (super.isHostMatch(host, port)) {
return true;
}
KnownHostHashValue hash = getHashedEntry();
if (port == 22) {
return (hash != null) && hash.isHostMatch(host);
} else {
return (hash != null) && hash.isHostMatch("[" + host + "]:" + port);
} |
Bug is still present in latest mina-sshd 2.1.0, see https://github.com/NLeSC/Xenon/tree/mina-2.1.0 branch. Create issue https://issues.apache.org/jira/browse/SSHD-852 to get it fixed in mina-sshd. |
Fix has been merged apache/mina-sshd@326725d, waiting for new release >v2.1.0 of mina sshd so we can upgrade the dependency. |
Great! |
As it contains the encrypted host key fix, so we no longer need our own fork Refs #588
Now using Mina sshd 2.2.0, so it is fixed. |
I did:
In my ~/.ssh/known_hosts
there is now a hashed entry for
localhost:10022`.When I try to create a scheduler with
Xenon throws a
org.apache.sshd.common.SshException: Server key did not validate
exception.The text was updated successfully, but these errors were encountered: