[wp-trac] [WordPress Trac] #52409: Upload method SSH2 shouldn't use hardwired ssh-rsa hostkey
WordPress Trac
noreply at wordpress.org
Sun Jan 31 22:45:59 UTC 2021
#52409: Upload method SSH2 shouldn't use hardwired ssh-rsa hostkey
---------------------------+-----------------------------
Reporter: richybkreckel | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upload | Version: 5.6
Severity: normal | Keywords:
Focuses: |
---------------------------+-----------------------------
The constructor of class WP_Filesystem_SSH2 has 'ssh-rsa' hard-coded in
wp-admin/includes/class-wp-filesystem-ssh2.php:91.
This breaks SSH2 uploads on modern systems where this public key signature
algorithm is [https://www.openssh.com/txt/release-8.2 disabled by
default]. (This problem currently affects Fedora 33.)
Changing it to a supported algorithm makes it work again. (I used 'ssh-
ed25519'.) I wonder if we need to set the algorithm at all? Can't we let
SSH just negotiate one from it's set of supported algorithms?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52409>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list