CODEWITHSUNDEEP
sshapache-minaed25519eddsa
ismarlowe
ismarlowe

Reputation: 157

Adding support for ED25519 to Apache MINA sshd. How to achieve this?

According to the Apache MINA sshd official documentation, support for ED25519 must be added by including net.i2p.crypto:eddsa to the classpath.

In my Gradle project, I've done so by writing:

dependencies {
    ***
    // Apache MINA sshd
    implementation('org.apache.sshd:apache-sshd:2.9.1') {
        exclude group: 'org.apache.sshd', module: 'sshd-netty'
        compileClasspath('net.i2p.crypto:eddsa:0.3.0')
    }
    ***
}

I haven't added any changes at the code level, though. For the record, the client code is a copy&paste of some sample code I found online which connects to an SSH server & executes command ll. There's nothing else to it.

However, when trying to connect to a remote machine which only supports ED25519, I still get the error:

Caused by: org.apache.sshd.common.SshException: No more authentication methods available

When inspecting the SSHd log on the server side, I see the client (the Apache MINA sshd client) is still NOT offering ED25519 as part of the KEX negotiation:

debug2: host key algorithms: [email protected],[email protected],[email protected],ssh-ed25519-ce>

Am I missing any steps? Is there some extra configuration that needs to be done in the client code?

Upvotes: 0

Views: 2740

Answers (1)

ismarlowe
ismarlowe

Reputation: 157

This did the work:

SshClient client = SshClient.setUpDefaultClient();
client.setSignatureFactories(
                Arrays.asList(
                        BuiltinSignatures.ed25519,
                        BuiltinSignatures.ed25519_cert,
                        BuiltinSignatures.sk_ssh_ed25519));
client.start();

Upvotes: 1

Related Questions