|SSH keystore incompatible if generated with IBM JDK [message #1000483]
||Mon, 14 January 2013 16:42
| Kevin Beasley
Registered: October 2012
My company is developing an equinox 3.8 based product. We rely on the ssh console for remote support. The deployment requirement is java 1.6.|
We are using org.apache.sshd.core.0.5.0.v201108120515.jar in our application. I have tested with org.apache.sshd.0.8.0.jar, which is the latest downloadable version, with the same outcome.
Our ssh configuration is set up so that a host key is automatically generated the first time the product is run.
When running on sun/oracle jvm, the host key is generated properly. In this context "properly" means that an ssh client will connect to the embedded sshd in our product and successfully negotiate the KEX protocol.
When running on an IBM jvm, the host key is not generated properly. Using ssh (on linux, or putty on windows), the KEX negotiation fails while attempting to verify the host key signature.
It seems that the Apache Karaf folks have a solution for this issue which involves the keySize and algorithm values that they use to create the SshServer instance in Karaf. For reference see: jira issue h t t p : / / issues.apache.org/jira/browse/KARAF-151.
I am hopeful that there is/are configuration properties of some kind exposed to the equinox container that I can set to achieve the same effect that they did in Karaf.
If that is not possible, is there any work around other than supplying a hostkey created with a Sun jvm in our product?
Powered by FUDForum
. Page generated in 0.02755 seconds