diff options
| author | Thomas Wolf <thomas.wolf@paranor.ch> | 2021-03-18 21:16:48 +0100 |
|---|---|---|
| committer | Thomas Wolf <thomas.wolf@paranor.ch> | 2021-03-19 17:27:03 +0100 |
| commit | ffc1f9b02618a59ee72298e9af15f64fe157fa8a (patch) | |
| tree | e84cb42ffa06acbaa78a721d3e4ad465555cf78a /org.eclipse.jgit.ssh.apache.test/build.properties | |
| parent | e5aa53fec99bb7ec45442ab3d0ba58e1d52ee248 (diff) | |
| download | jgit-ffc1f9b02618a59ee72298e9af15f64fe157fa8a.tar.gz jgit-ffc1f9b02618a59ee72298e9af15f64fe157fa8a.zip | |
sshd: implement ssh config PubkeyAcceptedAlgorithms
Apache MINA sshd 2.6.0 appears to use only the first appropriate
public key signature algorithm for a particular key. See [1]. For
RSA keys, that is rsa-sha2-512. This breaks authentication at servers
that only know the older (and deprecated) ssh-rsa algorithm.
With PubkeyAcceptedAlgorithms, users can re-order algorithms in
the ssh config file per host, if needed. Setting
PubkeyAcceptedAlgorithms ^ssh-rsa
will put "ssh-rsa" at the front of the list of algorithms, and then
authentication at such servers with RSA keys works again.
[1] https://issues.apache.org/jira/browse/SSHD-1105
Bug: 572056
Change-Id: I86c3b93f05960c68936e80642965815926bb2532
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Diffstat (limited to 'org.eclipse.jgit.ssh.apache.test/build.properties')
| -rw-r--r-- | org.eclipse.jgit.ssh.apache.test/build.properties | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/org.eclipse.jgit.ssh.apache.test/build.properties b/org.eclipse.jgit.ssh.apache.test/build.properties index 9ffa0caf78..406c5a768f 100644 --- a/org.eclipse.jgit.ssh.apache.test/build.properties +++ b/org.eclipse.jgit.ssh.apache.test/build.properties @@ -3,3 +3,5 @@ output.. = bin/ bin.includes = META-INF/,\ .,\ plugin.properties +additional.bundles = org.apache.log4j,\ + org.slf4j.binding.log4j12 |