This repository has been archived by the owner on Oct 15, 2024. It is now read-only.
Use a custom sshj config #878
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Get random numbers directly from SecureRandom * Use Timber calls for logging * Remove all algorithms that are not in the Mozilla Intermediate SSH config
msfjarvis
previously approved these changes
Jun 23, 2020
app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
Outdated
Show resolved
Hide resolved
msfjarvis
previously approved these changes
Jun 23, 2020
|
The logs were full of "{}", now I know why. slf4j is painful. |
msfjarvis
approved these changes
Jun 23, 2020
msfjarvis
added a commit
that referenced
this pull request
Jun 27, 2020
* develop: (24 commits) UI fixups (#892) Update Public Suffix List data (#888) Use remembered credential even if it is empty (#880) Reset SSH passphrase after SSH key import (#885) Prevent cached passwords from being wiped (#884) build: uprev all dependencies (#882) github: update actions for updated branching logic Use a custom sshj config (#878) Remove API 30 from pull request test matrix (#879) Add Google Play/F-Droid badges to the README (#877) Retire Android Arsenal badge (#876) Add paragraphs to F-Droid summary (#874) Replace YAML with HTML in F-Droid fastlane summary (#873) Add relnotes for #871 (#872) Add org.gnu.icecat as a trusted multi-origin browser (#871) README: re-add F-Droid (#870) build: prepare next development version build: bump version to 1.9.0 Prepare release 1.9.0 PasswordCreationActivity: properly guard rename code ... Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
📢 Type of change
📜 Description
Use a custom, relatively modern sshj config that:
💡 Motivation and Context
I decided to get this merged now rather than wait for #807 because I noticed that the default sshj config relies on an RNG that has some known weaknesses that allow its output to be distinguished from a fully random distribution (which doesn't sound too relevant in the context of SSH authentication,but should certainly be prevented by switching to a different RNG).
💚 How did you test it?
I verified that ssh-rsa and ssh-ed25519 keys still work.
📝 Checklist
🔮 Next steps
Figure out how/whether to update the changelog now or after #807 lands, which adds support for the very common
rsa-sha2-*types.📸 Screenshots / GIFs