Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[egit-dev] Bug 520927: moving away from JSch

Hi all,

now that we've managed to get Apache sshd 2.0.0 correctly into Orbit
I've pushed to Gerrit a new implementation of the JGit ssh support
using sshd instead of JSch. I basically followed the steps I had
outlined in bug 520927:
first add tests, then refactor to get rid of unwanted JSch dependencies,
then add the new sshd stuff. It's a series of commits all with topic

* Ssh tests with an Apache MINA sshd test git server
* Factor out a JSch-independent ssh config parser
* TransportSftp: remove final modifiers from parameters
* TransportSftp: eliminate dependency on Jsch
* Add more ssh tests: pushing, known_host file handling, etc.
* Apache MINA sshd client
* Add features for the Apache MINA sshd implementation
* Add ssh tests for PreferredAuthentications
* Apache MINA sshd client: add gssapi-with-mic authentication
* Apache MINA sshd client: respect NumberOfPasswordPrompts
* Apache MINA sshd client: properly handle HostKeyAlgorithms config
* Apache MINA sshd: use NumberOfPasswordPrompts for encrypted keys
* Add --ssh option to command-line commands
* Apache MINA sshd client: proxy support

First commit of the series is .

The implementation is in a new bundle; the existing core bundle
org.eclipse.jgit is unaffected by this. So it's still possible
to use only org.eclipse.jgit without any of the new sshd things.

The JGit command-line tool has a new option --ssh with arguments
"jsch" (default) or "apache" to select which implementation to
use. This is intended as a temporary measure; it allows users to

In EGit, there is one commit that makes the new sshd-based
implementation available in Eclipse. For now there's a new preference
in the main git preference page where one can select whether to use
JSch or sshd. JSch is still the default.

Once we're happy with the new implementation we could remove these
switches again.

Not done yet: EdDSA support (ed25519 keys). Let's first get the JSch
replacement right, and then start adding new features.

Known bugs in sshd 2.0.0 that may affect some users:

* SSHD-852: reading hashed host keys from known_hosts.[1]

All these changes were pushed to Gerrit via Eclipse using this new
sshd implementation. :-) I work on Mac OS X 12.6.

It would be good if other people could test this on Linux (I don't
expect problems there; after all our Jenkins builds and tests run
on Linux) and especially Windows (now that might perhaps uncover
things related to the rather different file path format, and perhaps
slash-vs-backslash things).

Looking forward to your reviews!



Back to the top