Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Equinox » SSH keystore incompatible if generated with IBM JDK(Equinox 3.8, ssh console, generated host key is invalid when running on IBM jdk 1.6 SR12 )
SSH keystore incompatible if generated with IBM JDK [message #1000483] Mon, 14 January 2013 21:42 Go to next message
Kevin Beasley is currently offline Kevin Beasley
Messages: 4
Registered: October 2012
Junior Member
My company is developing an equinox 3.8 based product. We rely on the ssh console for remote support. The deployment requirement is java 1.6.

We are using org.apache.sshd.core.0.5.0.v201108120515.jar in our application. I have tested with org.apache.sshd.0.8.0.jar, which is the latest downloadable version, with the same outcome.

Our ssh configuration is set up so that a host key is automatically generated the first time the product is run.

When running on sun/oracle jvm, the host key is generated properly. In this context "properly" means that an ssh client will connect to the embedded sshd in our product and successfully negotiate the KEX protocol.

When running on an IBM jvm, the host key is not generated properly. Using ssh (on linux, or putty on windows), the KEX negotiation fails while attempting to verify the host key signature.

It seems that the Apache Karaf folks have a solution for this issue which involves the keySize and algorithm values that they use to create the SshServer instance in Karaf. For reference see: jira issue h t t p : / / issues.apache.org/jira/browse/KARAF-151.

I am hopeful that there is/are configuration properties of some kind exposed to the equinox container that I can set to achieve the same effect that they did in Karaf.

If that is not possible, is there any work around other than supplying a hostkey created with a Sun jvm in our product?

Thanks,

Kevin

Re: SSH keystore incompatible if generated with IBM JDK [message #1001269 is a reply to message #1000483] Wed, 16 January 2013 11:06 Go to previous messageGo to next message
Lazar Kirchev is currently offline Lazar Kirchev
Messages: 28
Registered: July 2009
Location: Sofia, Bulgaria
Junior Member
Hi Kevin,

You are using the Equinox SSH console and you don't instantiate sshd server in your app, right? In this case I could not propose any workaround for the problem, the key size is not exposed as a property. Please open a bug against the Equinox console.

Regards,
Lazar
Re: SSH keystore incompatible if generated with IBM JDK [message #1001871 is a reply to message #1001269] Thu, 17 January 2013 13:39 Go to previous message
Kevin Beasley is currently offline Kevin Beasley
Messages: 4
Registered: October 2012
Junior Member
Hello Lazar,

Thanks for the reply.

That is correct. We use the Equinox SSH console as a remote access tool only. None of our product code depends on, interacts with, or instantiates objects from the bundles which supply that functionality.

I will open a bug.

Regards,

Kevin
Previous Topic:Get List of all Bundles
Next Topic:How to load a workspace specific plugin
Goto Forum:
  


Current Time: Fri Oct 24 15:03:44 GMT 2014

Powered by FUDForum. Page generated in 0.01562 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software