Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Equinox » SSH keystore incompatible if generated with IBM JDK(Equinox 3.8, ssh console, generated host key is invalid when running on IBM jdk 1.6 SR12 )
SSH keystore incompatible if generated with IBM JDK [message #1000483] Mon, 14 January 2013 16:42 Go to next message
Eclipse UserFriend
My company is developing an equinox 3.8 based product. We rely on the ssh console for remote support. The deployment requirement is java 1.6.

We are using org.apache.sshd.core.0.5.0.v201108120515.jar in our application. I have tested with org.apache.sshd.0.8.0.jar, which is the latest downloadable version, with the same outcome.

Our ssh configuration is set up so that a host key is automatically generated the first time the product is run.

When running on sun/oracle jvm, the host key is generated properly. In this context "properly" means that an ssh client will connect to the embedded sshd in our product and successfully negotiate the KEX protocol.

When running on an IBM jvm, the host key is not generated properly. Using ssh (on linux, or putty on windows), the KEX negotiation fails while attempting to verify the host key signature.

It seems that the Apache Karaf folks have a solution for this issue which involves the keySize and algorithm values that they use to create the SshServer instance in Karaf. For reference see: jira issue h t t p : / / issues.apache.org/jira/browse/KARAF-151.

I am hopeful that there is/are configuration properties of some kind exposed to the equinox container that I can set to achieve the same effect that they did in Karaf.

If that is not possible, is there any work around other than supplying a hostkey created with a Sun jvm in our product?

Thanks,

Kevin
Re: SSH keystore incompatible if generated with IBM JDK [message #1001269 is a reply to message #1000483] Wed, 16 January 2013 06:06 Go to previous messageGo to next message
Eclipse UserFriend
Hi Kevin,

You are using the Equinox SSH console and you don't instantiate sshd server in your app, right? In this case I could not propose any workaround for the problem, the key size is not exposed as a property. Please open a bug against the Equinox console.

Regards,
Lazar
Re: SSH keystore incompatible if generated with IBM JDK [message #1001871 is a reply to message #1001269] Thu, 17 January 2013 08:39 Go to previous message
Eclipse UserFriend
Hello Lazar,

Thanks for the reply.

That is correct. We use the Equinox SSH console as a remote access tool only. None of our product code depends on, interacts with, or instantiates objects from the bundles which supply that functionality.

I will open a bug.

Regards,

Kevin
Previous Topic:How to load a workspace specific plugin
Next Topic:Reusing plugins folder for multiple RCP applications
Goto Forum:
  


Current Time: Sat Jul 12 07:42:23 EDT 2025

Powered by FUDForum. Page generated in 0.03786 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly