by AceJohnny2 69 days ago
Adding to this: while certs are indeed well-supported by OpenSSH, it's not always the SSH daemon used on alternate or embedded platforms.

For example, OpenWRT used Dropbear [1] instead, which does not support certs. Also, Java programs that implement SSH stuff, like Jenkins, may be doing so using Apache Mina [2] which, though the underlying library supports certs, is buggy [3] and requires the application to add the UX to also support it.

[1] https://matt.ucc.asn.au/dropbear/dropbear.html

[2] https://mina.apache.org/sshd-project/

[3] I've been dealing for years with NullPointerExceptions causing the connection to crash when presented with certain ed25519 certificates.


You can just replace dropbear with openssh on OpenWRT. That was one of the first things I did, since Dropbear also doesn't support hardware backed (sk) keys. Just move it to 2222 and disable the service.

I reenabled DB on that alt port when I did the recent major update, just in case, but it wasn't necessary. After the upgrade, OpenSSH was alive and ready.
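The swap the reply describes (Dropbear moved to a fallback port, OpenSSH installed, Dropbear disabled once OpenSSH is confirmed working), written out as an added example that is not from either commenter or from the OpenWrt project. It assumes the stock `/etc/config/dropbear` with a single `dropbear` section, that the opkg package is named `openssh-server` with an `/etc/init.d/sshd` init script, and that 2222 is the fallback port; the commands are printed as lists so they can be reviewed first, and nothing is executed unless `APPLY_OPENWRT_SSH=1` is set. Dropbear is deliberately left running on the fallback port until a fresh login on port 22 has been checked from a second session, so a failed install never locks you out of the router.

```shell
#!/bin/sh
# Added example (not from the thread or the OpenWrt project): swap Dropbear
# for OpenSSH on OpenWrt. Assumptions, as labelled in the lead-in: first
# dropbear section in /etc/config/dropbear, package name openssh-server,
# init script /etc/init.d/sshd, fallback port 2222.

FALLBACK_PORT="${FALLBACK_PORT:-2222}"

# valid_port PORT: succeed only if PORT is an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# dropbear_move_cmds PORT: print (do not run) the uci commands that move
# Dropbear to PORT and restart it there.
dropbear_move_cmds() {
    valid_port "$1" || return 1
    printf '%s\n' \
        "uci set dropbear.@dropbear[0].Port='$1'" \
        "uci commit dropbear" \
        "/etc/init.d/dropbear restart"
}

# openssh_install_cmds: print the commands that install OpenSSH and start
# sshd on the now-free port 22.
openssh_install_cmds() {
    printf '%s\n' \
        "opkg update" \
        "opkg install openssh-server" \
        "/etc/init.d/sshd enable" \
        "/etc/init.d/sshd start"
}

# dropbear_disable_cmds: the final step, to run only after an OpenSSH login
# on port 22 has been verified from a second session.
dropbear_disable_cmds() {
    printf '%s\n' \
        "/etc/init.d/dropbear stop" \
        "/etc/init.d/dropbear disable"
}

# apply_cmds: run each line read from stdin, echoing it first and stopping
# at the first failure so a half-applied state is visible.
apply_cmds() {
    while IFS= read -r cmd; do
        echo "+ $cmd"
        sh -c "$cmd" || return 1
    done
}

if [ "${APPLY_OPENWRT_SSH:-0}" = "1" ]; then
    set -e
    dropbear_move_cmds "$FALLBACK_PORT" | apply_cmds
    openssh_install_cmds | apply_cmds
    echo "Dropbear is still listening on port $FALLBACK_PORT."
    echo "Open a NEW session to port 22; if that login works, run:"
    dropbear_disable_cmds
fi
```

Without `APPLY_OPENWRT_SSH=1` the script only defines helpers, so `sh -c '. ./swap-ssh.sh; dropbear_move_cmds 2222'` shows exactly what would be changed before anything touches the router. The disable commands are printed rather than run for the same reason the reply kept Dropbear on the alternate port across the major update: the old daemon is the recovery path if the new one does not come up.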