We can depend on core directly, but ```jsch.agentproxy.jsch``` brings in
```com.jcraft.jsch.agentproxy.RemoteIdentityRepository``` which is the glue
between the agent and jsch and analogously ```jsch.agentproxy.sshj``` brings in
```com.jcraft.jsch.agentproxy.sshj.AuthAgent``` which is the glue
I think the whole authentication login with these ssh connections needs a
rethink at some point (hopefully not with this pull request though). The way I,
as a user, would like it to work is that I just pile on authentication methods
that have some hope of succeeding and then when connecting we
@@ -63,9 +77,14 @@ public Factory(ProxyConfig proxyConfig,
BackoffLimitedRetryHandler backoffLimite
@Override
public SshClient create(HostAndPort socket, LoginCredentials
credentials) {
- SshClient client = new JschSshClient(proxyConfig,
Case insensitive now.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38771519
Squashed the commits since they didn't add any information and got rid of the
last pesky checkstyle violation. Ended up being a missing newline at the end of
a file - just couldn't see that in the UI. Had to log into the jenkins server
and dig out the xml report to see that.
Anyway this single
@@ -156,6 +157,15 @@ public String getPrivateKey() {
}
/**
+* @return true if there is a private key attached that is not encrypted
+*/
+ public boolean hasUnencryptedPrivateKey() {
+ return getPrivateKey() != null
+ !getPrivateKey().isEmpty()
+
byte[] privateKey = loginCredentials.getPrivateKey().getBytes();
jsch.addIdentity(loginCredentials.getUser(), privateKey, null,
emptyPassPhrase);
+ } else {
The checkArgument above makes the resulting else branch impossible to reach...
---
Reply to this email
@@ -128,23 +132,44 @@ public JschSshClient(ProxyConfig proxyConfig,
BackoffLimitedRetryHandler backoff
this.user = checkNotNull(loginCredentials,
loginCredentials).getUser();
this.host = checkNotNull(socket, socket).getHostText();
checkArgument(socket.getPort() 0, ssh
}
sessionConnection =
SessionConnection.builder().hostAndPort(HostAndPort.fromParts(host,
socket.getPort())).loginCredentials(
loginCredentials).proxy(checkNotNull(proxyConfig,
proxyConfig)).connectTimeout(timeout).sessionTimeout(timeout).build();
}
@@ -67,5 +70,19 @@ public SshClient create(HostAndPort socket,
LoginCredentials credentials) {
injector.injectMembers(client);// add logger
return client;
}
+
+ @Override
+ public boolean existsSshAgent() {
+ try {
Could do that (reuse
@@ -128,23 +132,44 @@ public JschSshClient(ProxyConfig proxyConfig,
BackoffLimitedRetryHandler backoff
this.user = checkNotNull(loginCredentials,
loginCredentials).getUser();
this.host = checkNotNull(socket, socket).getHostText();
checkArgument(socket.getPort() 0, ssh
+exception
+ conflictingDependencies
+dependency
+ groupIdcom.jcraft/groupId
+ artifactIdjsch.agentproxy.core/artifactId
+ version0.0.7/version
+/dependency
+
byte[] privateKey = loginCredentials.getPrivateKey().getBytes();
jsch.addIdentity(loginCredentials.getUser(), privateKey, null,
emptyPassPhrase);
+ } else {
+ Connector con = JschSshClient.getSSHAgentConnector();
Where should that code go? Interfaces in
Now there is duplicated code in the factories, but I guess they should be
totally independent anyways.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38266301
Would be nice to get the jenkins conf you run to get these so I could test
these myself. Pure mvn clean install gives me no errors.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38277678
Sounds great :)
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38292692
Uh sorry, we use our fork for our development so I pulled in the current
jclouds master. Didn't realized they would come into this pull request... I'll
try and clean that up.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38050175
Now it only has only my commits on top of the fork. Should I try and rebase?
The master I last pulled had no conflicts...
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-38053679
ssh-agent is a more secure way of providing private ssh keys to ssh connections
since an attacker would have to have access to the memory of the client to get
access to the unencrypted key. Keys without encryption are accessible on the
disk.
You can merge this Pull Request by running:
git
I can probably make another pull request for the agent support for sshj. There
is at least an example of sshj using the same agent proxy.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-37311936
Added the sshj bits. Works for me at least ;)
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-37317712
Might be worth mentioning that I had no way of testing this on a windows
client. Pageant should work, but I have no way of verifying that...
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds/pull/312#issuecomment-37329118
22 matches
Mail list logo
