[egit-dev] Bug 520927: moving away from JSch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[egit-dev] Bug 520927: moving away from JSch

From: Thomas Wolf <thomas.wolf@xxxxxxxxxx>
Date: Sat, 3 Nov 2018 12:00:34 +0100
Delivered-to: egit-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/egit-dev>
List-help: <mailto:egit-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/egit-dev>, <mailto:egit-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/egit-dev>, <mailto:egit-dev-request@eclipse.org?subject=unsubscribe>

Hi all,

now that we've managed to get Apache sshd 2.0.0 correctly into Orbit
I've pushed to Gerrit a new implementation of the JGit ssh support
using sshd instead of JSch. I basically followed the steps I had
outlined in bug 520927: https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927
first add tests, then refactor to get rid of unwanted JSch dependencies,
then add the new sshd stuff. It's a series of commits all with topic
"sshd":

* Ssh tests with an Apache MINA sshd test git server
* Factor out a JSch-independent ssh config parser
* TransportSftp: remove final modifiers from parameters
* TransportSftp: eliminate dependency on Jsch
* Add more ssh tests: pushing, known_host file handling, etc.
* Apache MINA sshd client
* Add features for the Apache MINA sshd implementation
* Add ssh tests for PreferredAuthentications
* Apache MINA sshd client: add gssapi-with-mic authentication
* Apache MINA sshd client: respect NumberOfPasswordPrompts
* Apache MINA sshd client: properly handle HostKeyAlgorithms config
* Apache MINA sshd: use NumberOfPasswordPrompts for encrypted keys
* Add --ssh option to command-line commands
* Apache MINA sshd client: proxy support

https://git.eclipse.org/r/#/q/topic:sshd+project:jgit/jgit

First commit of the series is https://git.eclipse.org/r/#/c/131879/ .

The implementation is in a new bundle; the existing core bundle
org.eclipse.jgit is unaffected by this. So it's still possible
to use only org.eclipse.jgit without any of the new sshd things.

The JGit command-line tool has a new option --ssh with arguments
"jsch" (default) or "apache" to select which implementation to
use. This is intended as a temporary measure; it allows users to
experiment.

In EGit, there is one commit that makes the new sshd-based
implementation available in Eclipse. For now there's a new preference
in the main git preference page where one can select whether to use
JSch or sshd. JSch is still the default.

Once we're happy with the new implementation we could remove these
switches again.

Not done yet: EdDSA support (ed25519 keys). Let's first get the JSch
replacement right, and then start adding new features.

Known bugs in sshd 2.0.0 that may affect some users:

* SSHD-852: reading hashed host keys from known_hosts.[1]

All these changes were pushed to Gerrit via Eclipse using this new
sshd implementation. :-) I work on Mac OS X 12.6.

It would be good if other people could test this on Linux (I don't
expect problems there; after all our Jenkins builds and tests run
on Linux) and especially Windows (now that might perhaps uncover
things related to the rather different file path format, and perhaps
slash-vs-backslash things).

Looking forward to your reviews!

Cheers,

  Thomas
  
[1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-852

Follow-Ups:
- Re: [egit-dev] Bug 520927: moving away from JSch
  - From: Thomas Wolf

Prev by Date: [egit-dev] Signing Commits in Eclipse
Next by Date: [egit-dev] [aeri] Weekly Problem Digest for EGit / JGit ≥ 4.8
Previous by thread: [egit-dev] Signing Commits in Eclipse
Next by thread: Re: [egit-dev] Bug 520927: moving away from JSch
Index(es):
- Date
- Thread

Breadcrumbs