You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Pierre Villard (Jira)" <ji...@apache.org> on 2020/09/12 09:34:00 UTC

[jira] [Reopened] (NIFIREG-346) Update JGit to use Apache MINA sshd

     [ https://issues.apache.org/jira/browse/NIFIREG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pierre Villard reopened NIFIREG-346:
------------------------------------
      Assignee: Pierre Villard  (was: Bryan Bende)

Reopening to fix the build issue following the upgrade for the bouncycastle dependency.

> Update JGit to use Apache MINA sshd
> -----------------------------------
>
>                 Key: NIFIREG-346
>                 URL: https://issues.apache.org/jira/browse/NIFIREG-346
>             Project: NiFi Registry
>          Issue Type: Wish
>            Reporter: Ken Swanson
>            Assignee: Pierre Villard
>            Priority: Minor
>             Fix For: 0.8.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> I mentioned this earlier in the Slack, but I didn't get around to making this issue until now.
> The current NiFi registry uses JGit to control Git functionality, specifically (to my concern) to implement the `GitFlowPersistenceProvider` functionality. When using JGit, it is using the default setup of JGit, and by default JGit uses the JSch library to implement the SSH Factory.
> JSch is an older library, and as a consequence it does not interoperate with some newer SSH protocols. Specifically, newer SSH keys (like ed25519) do not appear to work with JSch.
> There is an alternate, and newer, SSH library available to JGit: the Apache MINA sshd library. Using the new library only requires creating a new SshdSessionFactory. Details can be found here: [https://wiki.eclipse.org/JGit/New_and_Noteworthy/5.2]
> I'd like to suggest moving to use Apache MINA sshd in the NiFi Registry. I recently had a problem with my registry where I wanted to use SSH keys to commit back to a repo, and the registry could not access the repo due to the underlying JSch library not being able to use the ed25519 keys. I was able to get around this by setting the GIT_SSH environment variable, but I think it would be a good idea to use the newer library.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)