Do you support ssh keys in the known_hosts file that use the ecdsa-sha2-nistp256 algorithm?

Question

This question is a follow on to #3 of the original question I asked.  It was in reference to the fact that your Java library said that certain hosts were not already listed in the known_hosts file when server validation was enabled.  In every case, the /usr/bin/sftp program had no problem finding the key, but every key had the same algorithm as listed in the question title.  In looking at your docs, it looks like maybe only RSA & DSA type keys are supported (and are the default).

It also looks like the SSHFTPClient class supports setting your own validator, such that if a key is not found in the known_hosts file, it can automatically be added.  But I'm using the SecureFileTransferClient class, & when I look at the getAdvancedSSHSettings() method, the AdvancedSSHSettings object that is returned only allows me to get the default SSHFTPValidator, I see no way to set my own validator.

How do I set my own SSHFTPValidator subclass if I'm using the SecureFileTransferClient class?

Answer 1

This looks like an oversight.  Given the apparent simplicity of this change, we may be able to get you a patch with the setter included very quickly.  This will require you to have a current support agreement, however.  Do you have a current support agreement?

Comments

I'm not sure, but if you can get this change into your next update, I think that will be ok.  Is there a way to be notified whenever you put out new updates to this Java library?

Also, do you have any plans to support this other algorithm?

---

We'll include the setter in the next update, but we have no plans to add that algorithm at the moment.

---

The next update, 5.2.6, will be released on 3 August 2018.