Closed realdadfish closed 5 months ago
Hrm... I just figured that getJSch
is protected, so I could overwrite the complete implementation there for my use case. Oh well. Guess this can be closed then.
Please note that jsch is pretty much unmaintained, hence better use the Apache mina-sshd client. At some point in time we will remove support for jsch.
Since it was not totally obvious for me, it all works fine out-of-the box with the said Apache MINA SSHD-Client via service loading when the artifacts org.eclipse.jgit:org.eclipse.jgit.ssh.apache
and org.eclipse.jgit:org.eclipse.jgit.ssh.apache.agent
are in the runtime classpath. Thanks again!
And one more follow-up, to disable SSH Host Key verification (because in the CI Setup I'm using I can't make the default implementation recognize my ~/.ssh/known_hosts
file) the following code was needed:
SshSessionFactory.setInstance(object : SshdSessionFactory() {
override fun createServerKeyDatabase(homeDir: File?, sshDir: File?): ServerKeyDatabase {
return object : ServerKeyDatabase {
override fun lookup(
connectAddress: String?,
remoteAddress: InetSocketAddress?,
config: ServerKeyDatabase.Configuration?
): MutableList<PublicKey> = mutableListOf()
// accept any checked key
override fun accept(
connectAddress: String?,
remoteAddress: InetSocketAddress?,
serverKey: PublicKey?,
config: ServerKeyDatabase.Configuration?,
provider: CredentialsProvider?
): Boolean = true
}
}
})
Version
6.8.0.202311291450-r
Operating System
MacOS
Bug description
If JGit is configured to use a custom
JschConfigSessionFactory
to connect to a locally runningssh-agent
instance via proxy like this:then this
RemoteIdentityRepository
will not be used if the user who is running a program with JGit has a local.ssh/config
file that contains one or more references toIdentityFile
s:The reason for that misbehavior is the following code in
org.eclipse.jgit.transport.ssh.jsch.JschConfigSessionFactory
with inline comments what's going on:Actual behavior
The overridden JSch instance is thrown away.
Expected behavior
The overriden JSch instance should take precedence.
Relevant log output
No response
Other information
No response