Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
in Java FTP by (120 points)

Hi, I am working on updating my application to edtFTPjPro 7.2.2 and I am trying to test the new support for ECDSA keys in SFTP.

I have an application which can perfectly perform public key authentication with rsa and dsa keys, but when I try an ecdsa-sha2-nistp256 key, it fails. I suspect that it is not encoding ecdsa public keys properly, since it is failing at the SSH_MSG_USERAUTH_REQUEST step, where the server responds with failure due to not recognizing the public key.

So, have the new key types been tested for public key authentication with Unix OpenSSh servers?

Furthermore, I also perform a call to write the server's public key to a known_hosts file, using the method from EDT SSHFTPPublicKey.write(OutputStream outStr, int formatCode). If the server is using an ecdsa host key, this method produces an invalid public key:

$ ssh-keygen -l -f test_pubkey_ecdsa
key_from_blob: ecdsa curve doesn't match type
key_read: key_from_blob AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABBBEUTBAjr71RrKVh2M87LSpMQPYshPZXlFP2mJYemWhOnSCiZpF0EQ1CmYbeqbIsE34JqMKSUu0Xku8YfnDxfX2s= failed
test_pubkey_ecdsa is not a public key file.
by (158k points)
I think it's best to open a support ticket for this issue, see https://enterprisedt.com/support/

Please log in or register to answer this question.