You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2020/12/03 09:56:34 UTC

[GitHub] [airflow] NBardelot commented on a change in pull request #12467: Added support for DSS, ECDSA, and Ed25519 private keys in SSHHook

NBardelot commented on a change in pull request #12467:
URL: https://github.com/apache/airflow/pull/12467#discussion_r535032753



##########
File path: airflow/config_templates/config.yml
##########
@@ -2053,3 +2053,13 @@
       type: string
       example: ~
       default: "NamedHivePartitionSensor"
+- name: ssh
+  description: ~
+  options:
+    - name: private_keys_algorithm_support
+      description: |
+        Comma separated list of ssh algorithms names (following `ssh-keygen` naming) supported by
+        SSH hook
+      type: string
+      example: ~
+      default: "dsa,ecdsa,ed25519,rsa"

Review comment:
       Where I work, Airflow is given to teams of users as a platform:
   
     * my team builds the infrastructure and provides Airflow with a standard configuration
     * the teams use their instance of Airflow
   
   Our standard configuration includes the decisions about security. We need to be able to enforce the security team choice of algorithms used.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org