You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/02/18 09:30:00 UTC

[jira] [Commented] (AIRFLOW-6831) Support for various ssh keys and certificates

    [ https://issues.apache.org/jira/browse/AIRFLOW-6831?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17038935#comment-17038935 ] 

ASF GitHub Bot commented on AIRFLOW-6831:
-----------------------------------------

biertie commented on pull request #7452: [AIRFLOW-6831] Support for various ssh keys and certificates
URL: https://github.com/apache/airflow/pull/7452
 
 
   
   For our usecase need to support both ed25519 keys and 'MFA', using a signed key.
   This pull request adds the possibility to both add support for these 2 things.
   
   When creating a hook some extra parameters become availble in the 'extra_parameters' hash, notably:
   
       key_type: (str) can be rsa, ecdsa or ed25519; defaults to rsa
       cert_file: (str) path towards the certicate. Defaults to None
   
   The only thing I am not sure about yet is the part where we read the config file from ~/.ssh. 
   There we default to rsa. Is it ok? Or should we also try to figure out what keys are used? 
   
   This also rewrites the whole concept of the sshHOOK, and how it uses the keys. At the moment it is only tested in our own infrastructure. 
   
   Bert
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Support for various ssh keys and certificates
> ---------------------------------------------
>
>                 Key: AIRFLOW-6831
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6831
>             Project: Apache Airflow
>          Issue Type: New Feature
>          Components: hooks
>    Affects Versions: 2.0.0
>            Reporter: Bert Desmet
>            Priority: Major
>
> For our usecase need to support both ed25519 keys and 'MFA', using a signed key. 
> This pull request adds the possibility to both add support for these 2 things.
>  
> When creating a hook some extra parameters become availble in the 'extra_parameters' hash, notably:
>  * key_type: (str) can be rsa, ecdsa or ed25519; defaults to rsa
>  * cert_file: (str) path towards the certicate. Defaults to None
>  
> Bert
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)