diff --git a/README.md b/README.md index 211a2ce9..ac29ab7f 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ a release version. If there were any commits after last tag, project is in SNAPS intuitive philosophy, alongside with [Semantic Versioning](http://semver.org/) rules, makes it a lot easier to manage project versions along SCM tag versions. -JDK11+ & Gradle 6+ required. +JDK11+ & Gradle 7+ required. ## Basic usage diff --git a/build.gradle.kts b/build.gradle.kts index 726820b3..d135f5ae 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -49,7 +49,7 @@ sourceSets { } val jgitVersion = "6.8.0.202311291450-r" -val jschVersion = "0.1.55" +val jschVersion = "0.2.16" val jschAgentVersion = "0.0.9" dependencies { 
@@ -60,22 +60,21 @@ dependencies { runtimeOnly("org.eclipse.jgit:org.eclipse.jgit.gpg.bc:$jgitVersion") implementation("org.eclipse.jgit:org.eclipse.jgit:$jgitVersion") - implementation("org.eclipse.jgit:org.eclipse.jgit.ssh.jsch:$jgitVersion") - implementation("com.jcraft:jsch:$jschVersion") - implementation("com.jcraft:jsch.agentproxy.core:$jschAgentVersion") - implementation("com.jcraft:jsch.agentproxy.jsch:$jschAgentVersion") - implementation("com.jcraft:jsch.agentproxy.sshagent:$jschAgentVersion") - implementation("com.jcraft:jsch.agentproxy.pageant:$jschAgentVersion") - implementation("com.jcraft:jsch.agentproxy.usocket-jna:$jschAgentVersion") - implementation("com.jcraft:jsch.agentproxy.usocket-nc:$jschAgentVersion") + implementation("org.eclipse.jgit:org.eclipse.jgit.ssh.jsch:$jgitVersion") { + exclude("com.jcraft", "jsch") + } + implementation("com.github.mwiede:jsch:$jschVersion") implementation("com.github.zafarkhaja:java-semver:0.9.0") + runtimeOnly("org.bouncycastle:bcprov-jdk18on:1.77") + runtimeOnly("com.kohlschutter.junixsocket:junixsocket-core:2.8.3") + runtimeOnly("net.java.dev.jna:jna-platform:5.14.0") testImplementation("org.ajoberstar.grgit:grgit-core:4.1.0") { exclude("org.eclipse.jgit", "org.eclipse.jgit.ui") exclude("org.eclipse.jgit", "org.eclipse.jgit") } testImplementation("org.testcontainers:spock:1.17.6") - testImplementation("org.spockframework:spock-core:2.2-groovy-2.5") + testImplementation("org.spockframework:spock-core:2.3-groovy-3.0") testImplementation("cglib:cglib-nodep:3.3.0") testImplementation("org.objenesis:objenesis:3.3") testImplementation("org.apache.sshd:sshd-core:2.12.0") 
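Review bot: `val jschAgentVersion = "0.0.9"` (kept as context in the previous hunk) has no remaining user once the `jsch.agentproxy.*` lines are removed here, and the three new `runtimeOnly` coordinates carry their versions inline instead of following the `jgitVersion`/`jschVersion` pattern. Drop the unused val and hoist the versions, e.g. `val bouncyCastleVersion = "1.77"`, so the crypto and native-socket libraries are bumped in one visible place. A comment such as `// optional runtime backends for com.github.mwiede:jsch (agent sockets, Pageant, extra algorithms)` would explain why they are runtime-only; that purpose is inferred from the agent factory change in this commit, so confirm it. The `dependencies` block continues outside the hunk.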
@@ -181,13 +180,14 @@ nexusPublishing { } } -if (System.getenv("GPG_KEY_ID") != null) { - signing { - useInMemoryPgpKeys( - System.getenv("GPG_KEY_ID"), - System.getenv("GPG_PRIVATE_KEY"), - System.getenv("GPG_PRIVATE_KEY_PASSWORD") - ) - sign(publishing.publications) +signing { + setRequired { + System.getenv("GPG_KEY_ID") != null } + useInMemoryPgpKeys( + System.getenv("GPG_KEY_ID"), + System.getenv("GPG_PRIVATE_KEY"), + System.getenv("GPG_PRIVATE_KEY_PASSWORD") + ) + sign(publishing.publications) } diff --git a/docker/Dockerfile b/docker/Dockerfile index 52ca9509..c464dd00 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,13 +1,13 @@ -FROM jkarlos/git-server-docker +FROM rockstorm/git-server:2.43 -RUN passwd -d git \ - && sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config \ - && echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config \ - && ls /etc/init.d \ - && mkdir -p repos \ - && git init --bare repos/rejecting-repo \ - && echo -e "#!/bin/sh\necho 'I reject this push!' >&2\nexit 1" > repos/rejecting-repo/hooks/pre-receive \ - && chmod +x repos/rejecting-repo/hooks/pre-receive \ - && sh /etc/init.d/sshd restart +RUN mkdir -p /srv/git/repos/rejecting-repo \ + && mkdir -p /home/git/.ssh \ + && echo -e "ssh-rsa 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 user@host" >> /home/git/.ssh/authorized_keys \ + && chown -R git:git /home/git/.ssh \ + && chmod 700 /home/git/.ssh \ + && chmod 600 /home/git/.ssh/authorized_keys \ + && git init --bare /srv/git/repos/rejecting-repo \ + && echo -e "#!/bin/sh\necho 'I reject this push!' >&2\nexit 1" > /srv/git/repos/rejecting-repo/hooks/pre-receive \ + && chmod +x /srv/git/repos/rejecting-repo/hooks/pre-receive -CMD ["sh", "start.sh"] +CMD ["/usr/sbin/sshd", "-D"] \ No newline at end of file 
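Review bot: `setRequired { System.getenv("GPG_KEY_ID") != null }` makes signing optional exactly when the key variable is missing, so a release job with a misconfigured secret would, as far as this hunk shows, skip signing rather than fail. The `signing` block is now always configured and `useInMemoryPgpKeys` receives three nulls on local builds, which deserves a comment: `// GPG_* unset: signing is skipped, not failed (local builds)`. Consider deriving `required` from the release/publish path instead, for example whether the publish task is in `gradle.taskGraph`, so unsigned artifacts cannot reach the repository unnoticed.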
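Review bot: `FROM rockstorm/git-server:2.43` pulls a third-party image by mutable tag, so the SSH server the integration test talks to can change underneath the build; pin it by digest, `FROM rockstorm/git-server:2.43@sha256:<digest-placeholder>`. The `authorized_keys` entry is presumably the public half of `src/test/resources/id_rsa` added later in this commit, and a comment saying so, `# test-only key, pairs with src/test/resources/id_rsa`, would keep the two in step. `echo -e` inside `RUN` depends on the image's `/bin/sh` (some shells print the `-e` literally, which would corrupt the key line and the hook script); `printf` behaves the same everywhere.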
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index 7454180f..e708b1c0 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 3ab0b725..f371643e 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.9.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.0-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/gradlew b/gradlew index 1b6c7873..4f906e0c 100755 --- a/gradlew +++ b/gradlew @@ -1,7 +1,7 @@ -#!/bin/sh +#!/usr/bin/env sh # -# Copyright © 2015-2021 the original authors. +# Copyright 2015 the original author or authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -17,101 +17,67 @@ # ############################################################################## -# -# Gradle start up script for POSIX generated by Gradle. -# -# Important for running: -# -# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is -# noncompliant, but you have some other compliant shell such as ksh or -# bash, then to run this script, type that shell name before the whole -# command line, like: -# -# ksh Gradle -# -# Busybox and similar reduced shells will NOT work, because this script -# requires all of these POSIX shell features: -# * functions; -# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», -# «${var#prefix}», «${var%suffix}», and «$( cmd )»; -# * compound commands having a testable exit status, especially «case»; -# * various built-in commands including «command», «set», and «ulimit». -# -# Important for patching: -# -# (2) This script targets any POSIX shell, so it avoids extensions provided -# by Bash, Ksh, etc; in particular arrays are avoided. -# -# The "traditional" practice of packing multiple parameters into a -# space-separated string is a well documented source of bugs and security -# problems, so this is (mostly) avoided, by progressively accumulating -# options in "$@", and eventually passing that to Java. -# -# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, -# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; -# see the in-line comments for details. -# -# There are tweaks for specific operating systems such as AIX, CygWin, -# Darwin, MinGW, and NonStop. -# -# (3) This script is generated from the Groovy template -# https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt -# within the Gradle project. -# -# You can find Gradle at https://github.com/gradle/gradle/. 
-# +## +## Gradle start up script for UN*X +## ############################################################################## # Attempt to set APP_HOME - # Resolve links: $0 may be a link -app_path=$0 - -# Need this for daisy-chained symlinks. -while - APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path - [ -h "$app_path" ] -do - ls=$( ls -ld "$app_path" ) - link=${ls#*' -> '} - case $link in #( - /*) app_path=$link ;; #( - *) app_path=$APP_HOME$link ;; - esac +PRG="$0" +# Need this for relative symlinks. +while [ -h "$PRG" ] ; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi done - -APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null APP_NAME="Gradle" -APP_BASE_NAME=${0##*/} +APP_BASE_NAME=`basename "$0"` # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. -MAX_FD=maximum +MAX_FD="maximum" warn () { echo "$*" -} >&2 +} die () { echo echo "$*" echo exit 1 -} >&2 +} # OS specific support (must be 'true' or 'false'). cygwin=false msys=false darwin=false nonstop=false -case "$( uname )" in #( - CYGWIN* ) cygwin=true ;; #( - Darwin* ) darwin=true ;; #( - MSYS* | MINGW* ) msys=true ;; #( - NONSTOP* ) nonstop=true ;; +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; esac CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 
@@ -121,9 +87,9 @@ CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar if [ -n "$JAVA_HOME" ] ; then if [ -x "$JAVA_HOME/jre/sh/java" ] ; then # IBM's JDK on AIX uses strange locations for the executables - JAVACMD=$JAVA_HOME/jre/sh/java + JAVACMD="$JAVA_HOME/jre/sh/java" else - JAVACMD=$JAVA_HOME/bin/java + JAVACMD="$JAVA_HOME/bin/java" fi if [ ! -x "$JAVACMD" ] ; then die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME @@ -132,7 +98,7 @@ Please set the JAVA_HOME variable in your environment to match the location of your Java installation." fi else - JAVACMD=java + JAVACMD="java" which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. Please set the JAVA_HOME variable in your environment to match the 
@@ -140,95 +106,80 @@ location of your Java installation." fi # Increase the maximum file descriptors if we can. -if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then - case $MAX_FD in #( - max*) - MAX_FD=$( ulimit -H -n ) || - warn "Could not query maximum file descriptor limit" - esac - case $MAX_FD in #( - '' | soft) :;; #( - *) - ulimit -n "$MAX_FD" || - warn "Could not set maximum file descriptor limit to $MAX_FD" - esac +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi fi -# Collect all arguments for the java command, stacking in reverse order: -# * args from the command line -# * the main class name -# * -classpath -# * -D...appname settings -# * --module-path (only if needed) -# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. 
+# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi # For Cygwin or MSYS, switch paths to Windows format before running java -if "$cygwin" || "$msys" ; then - APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) - CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) - - JAVACMD=$( cygpath --unix "$JAVACMD" ) - +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi # Now convert the arguments - kludge to limit ourselves to /bin/sh - for arg do - if - case $arg in #( - -*) false ;; # don't mess with options #( - /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath - [ -e "$t" ] ;; #( - *) false ;; - esac - then - arg=$( cygpath --path --ignore --mixed "$arg" ) + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" fi - # Roll the args list around exactly as many times as the number of - # args, so each arg winds up back in the position where it started, but - # possibly modified. 
- # - # NB: a `for` loop captures its iteration list before it begins, so - # changing the positional parameters here affects neither the number of - # iterations, nor the values presented in `arg`. - shift # remove old arg - set -- "$@" "$arg" # push replacement arg + i=`expr $i + 1` done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac fi -# Collect all arguments for the java command; -# * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of -# shell script including quotes and variable substitutions, so put them in -# double quotes to make sure that they get re-expanded; and -# * put everything else in single quotes, so that it's not re-expanded. - -set -- \ - "-Dorg.gradle.appname=$APP_BASE_NAME" \ - -classpath "$CLASSPATH" \ - org.gradle.wrapper.GradleWrapperMain \ - "$@" - -# Use "xargs" to parse quoted args. -# -# With -n1 it outputs one arg per line, with the quotes and backslashes removed. -# -# In Bash we could simply go: -# -# readarray ARGS < <( xargs -n1 <<<"$var" ) && -# set -- "${ARGS[@]}" "$@" -# -# but POSIX shell has neither arrays nor command substitution, so instead we -# post-process each arg (as a line of input to sed) to backslash-escape any -# character that might be a shell metacharacter, then use eval to reverse -# that process (while maintaining the separation between arguments), and wrap -# the whole thing up as a single "set" statement. 
-# -# This will of course break if any of these variables contains a newline or -# an unmatched quote. -# +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=`save "$@"` -eval "set -- $( - printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | - xargs -n1 | - sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | - tr '\n' ' ' - )" '"$@"' +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" exec "$JAVACMD" "$@" diff --git a/src/integration/groovy/pl/allegro/tech/build/axion/release/RemoteRejectionTest.groovy b/src/integration/groovy/pl/allegro/tech/build/axion/release/RemoteRejectionTest.groovy index 5ecc8c8e..d0e74778 100644 --- a/src/integration/groovy/pl/allegro/tech/build/axion/release/RemoteRejectionTest.groovy +++ b/src/integration/groovy/pl/allegro/tech/build/axion/release/RemoteRejectionTest.groovy @@ -16,6 +16,7 @@ import pl.allegro.tech.build.axion.release.infrastructure.git.SshConnector import spock.lang.Shared import spock.lang.Specification +import java.nio.file.Files import java.nio.file.Paths import static pl.allegro.tech.build.axion.release.TagPrefixConf.fullPrefix @@ -33,6 +34,8 @@ class RemoteRejectionTest extends Specification { def "should return error on push failure"() { given: File repoDir = File.createTempDir('axion-release', 'tmp') + String privateKey = Files.readString(Paths.get(getClass().getResource("/id_rsa").toURI())) + ScmIdentity keyIdentity = ScmIdentity.keyIdentity(privateKey, "UrbanCookieCollective") Git.cloneRepository() .setDirectory(repoDir) 
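Review bot: The passphrase literal in `ScmIdentity.keyIdentity(privateKey, "UrbanCookieCollective")` sits next to the committed key it unlocks, so the encryption of `/id_rsa` protects nothing and the pair must be treated as public. Say so where it is loaded, e.g. `// test-only key pair, authorized solely by docker/Dockerfile's git-server image; never reuse`, and expect secret scanners to flag `src/test/resources/id_rsa`; generating the pair during test setup would avoid committing it at all. Separately, `getClass().getResource("/id_rsa")` returns null when the resource is not on this spec's classpath, and the spec lives under `src/integration` while the key is added under `src/test/resources`, so `.toURI()` would fail with a bare NullPointerException unless the source sets are wired together outside this diff. The feature method continues outside the hunk.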
@@ -40,10 +43,10 @@ class RemoteRejectionTest extends Specification { @Override void configure(Transport transport) { SshTransport sshTransport = (SshTransport) transport - sshTransport.setSshSessionFactory(new SshConnector(ScmIdentity.defaultIdentityWithoutAgents())) + sshTransport.setSshSessionFactory(new SshConnector(keyIdentity)) } }) - .setURI("ssh://git@${gitServerContainer.getContainerIpAddress()}:${gitServerContainer.firstMappedPort}/git-server/repos/rejecting-repo") + .setURI("ssh://git@${gitServerContainer.getHost()}:${gitServerContainer.firstMappedPort}/srv/git/repos/rejecting-repo") .call() GitRepository repository = new GitRepository(ScmPropertiesBuilder.scmProperties(repoDir).build()) @@ -53,7 +56,7 @@ class RemoteRejectionTest extends Specification { repository.commit(['*'], 'commit after ' + fullPrefix() + 'custom') when: - ScmPushResult result = repository.push(ScmIdentity.defaultIdentityWithoutAgents(), new ScmPushOptions('origin', false), true) + ScmPushResult result = repository.push(keyIdentity, new ScmPushOptions('origin', false), true) then: !result.success diff --git a/src/main/java/pl/allegro/tech/build/axion/release/infrastructure/git/SshAgentIdentityRepositoryFactory.java b/src/main/java/pl/allegro/tech/build/axion/release/infrastructure/git/SshAgentIdentityRepositoryFactory.java index 7132402c..e1e3b1c2 100644 --- a/src/main/java/pl/allegro/tech/build/axion/release/infrastructure/git/SshAgentIdentityRepositoryFactory.java +++ b/src/main/java/pl/allegro/tech/build/axion/release/infrastructure/git/SshAgentIdentityRepositoryFactory.java 
@@ -1,143 +1,77 @@ package pl.allegro.tech.build.axion.release.infrastructure.git; -import com.jcraft.jsch.IdentityRepository; -import com.jcraft.jsch.agentproxy.Connector; -import com.jcraft.jsch.agentproxy.RemoteIdentityRepository; -import com.jcraft.jsch.agentproxy.USocketFactory; -import com.jcraft.jsch.agentproxy.connector.PageantConnector; -import com.jcraft.jsch.agentproxy.connector.SSHAgentConnector; -import com.jcraft.jsch.agentproxy.usocket.JNAUSocketFactory; -import com.jcraft.jsch.agentproxy.usocket.NCUSocketFactory; -import org.gradle.api.logging.Logger; -import org.gradle.api.logging.Logging; - import java.io.PrintWriter; import java.io.StringWriter; import java.util.Optional; -/** - * Content of this class is based on GrGit 2.x agent connector implementation. - * TODO: add link to github - *

- * GrGit dropped support for JSch in favor of using native SSH command. However for the limited operations used by - * axion-release-plugin, JSch seems to be sufficient. - */ -class SshAgentIdentityRepositoryFactory { - - private static final Logger logger = Logging.getLogger(SshAgentIdentityRepositoryFactory.class); - - static Optional tryToCreateIdentityRepository() { - Connector connector; - IdentityRepository repository = null; - - logger.info("Trying to connect any to SSH agent for repository credentials"); - connector = trySshAgent(); - - if (connector == null) { - connector = tryPageant(); - } - - - if (connector != null) { - repository = createIdentityRepository(connector); - } +import org.gradle.api.logging.Logger; +import org.gradle.api.logging.Logging; +import com.jcraft.jsch.AgentConnector; +import com.jcraft.jsch.AgentIdentityRepository; +import com.jcraft.jsch.IdentityRepository; +import com.jcraft.jsch.JUnixSocketFactory; +import com.jcraft.jsch.PageantConnector; +import com.jcraft.jsch.SSHAgentConnector; +import com.jcraft.jsch.UnixDomainSocketFactory; - if (repository != null) { - logger.info("Successfully connected to SSH agent and fetched identities, see debug logs for details"); - } else { - logger.info("Failed to connect to SSH agent, see debug logs for details"); - } +class SshAgentIdentityRepositoryFactory { + private static final Logger logger = Logging.getLogger(SshAgentIdentityRepositoryFactory.class); - return Optional.ofNullable(repository); + private SshAgentIdentityRepositoryFactory() { + // static access only } - private static IdentityRepository createIdentityRepository(Connector connector) { - IdentityRepository repository = new RemoteIdentityRepository(connector); + static Optional tryToCreateIdentityRepository() { + Optional connector = trySshAgent().or(SshAgentIdentityRepositoryFactory::tryPageant); + Optional optionalIdentityRepository = connector.map(AgentIdentityRepository::new); + 
optionalIdentityRepository.ifPresentOrElse(repository -> logger.info("Connected to SSH agent with status: " + statusDescription(repository.getStatus())), + () -> logger.warn("No SSH Agent connection could be created. See debug log for details")); + return optionalIdentityRepository; + } + private static Optional tryPageant() { try { - if (!((RemoteIdentityRepository) repository).getIdentities().isEmpty()) { - return repository; - } else { - logger.debug("SSH agent holds no identities, not going to use it"); - return null; + return Optional.of(new PageantConnector()); + } catch (Exception e) { + logger.info("Failed to use pageant as identity provider - " + e.getMessage()); + if (logger.isDebugEnabled()) { + logger.debug(stacktrace(e)); } - - } catch (Throwable e) { - logger.warn("Failed to fetch identities from SSH agent, see debug logs for details"); - logger.debug(stacktrace(e)); } - - return null; + return Optional.empty(); } - private static Connector trySshAgent() { - Connector connector = null; - if (SSHAgentConnector.isConnectorAvailable()) { - logger.debug("Found ssh-agent, trying to connect"); - - Optional socketFactory = tryToCreateSocketFactory(); - if (socketFactory.isPresent()) { - logger.debug("Connected to ssh-agent, using it as identity provider"); - try { - connector = new SSHAgentConnector(socketFactory.get()); - } catch (Throwable e) { - logger.warn("Failed to use ssh-agent as identity provider, see debug logs for details"); - logger.debug(stacktrace(e)); - } - - } else { - logger.warn("ssh-agent detected, but failed to connect, see debug logs for details"); + private static Optional trySshAgent() { + try { + JUnixSocketFactory jUnixSocketFactory = new JUnixSocketFactory(); + SSHAgentConnector sshAgentConnector = new SSHAgentConnector(jUnixSocketFactory); + if (sshAgentConnector.isAvailable()) { + return Optional.of(sshAgentConnector); } - - } - - return connector; - } - - private static Connector tryPageant() { - Connector connector = null; - if 
(PageantConnector.isConnectorAvailable()) { - logger.debug("Found pageant, trying to connect"); - try { - connector = new PageantConnector(); - } catch (Throwable e) { - logger.warn("Failed to use pageant as identity provider, see debug logs for details"); + } catch (Exception e) { + logger.info("Failed to connect to JUnix Socket ssh-agent - " + e.getMessage()); + if (logger.isDebugEnabled()) { logger.debug(stacktrace(e)); } - } - return connector; - } - - private static Optional tryToCreateSocketFactory() { - USocketFactory factory = null; - Throwable exception = null; try { - factory = new JNAUSocketFactory(); - } catch (Throwable e) { - exception = e; - } - - - if (factory == null) { - try { - factory = new NCUSocketFactory(); - } catch (Throwable e) { - exception = e; + UnixDomainSocketFactory unixDomainSocketFactory = new UnixDomainSocketFactory(); + SSHAgentConnector sshAgentConnector = new SSHAgentConnector(unixDomainSocketFactory); + if (sshAgentConnector.isAvailable()) { + return Optional.of(sshAgentConnector); + } + } catch (Exception e) { + logger.info("Failed to connect to Unix Domain Socket ssh-agent - " + e.getMessage()); + if (logger.isDebugEnabled()) { + logger.debug(stacktrace(e)); } - - } - - if (factory == null) { - logger.warn("Failed to connect to ssh-agent, see debug logs for details"); - logger.debug(stacktrace(exception)); } - return Optional.ofNullable(factory); + return Optional.empty(); } private static String stacktrace(Throwable e) { @@ -147,4 +81,16 @@ private static String stacktrace(Throwable e) { return writer.toString(); } } + + private static String statusDescription(int statusCode) { + if (statusCode == IdentityRepository.NOTRUNNING) { + return "Not Running"; + } else if (statusCode == IdentityRepository.UNAVAILABLE) { + return "Unavailable"; + } else if (statusCode == IdentityRepository.RUNNING) { + return "Running"; + } else { + return "Unknown " + statusCode; + } + } } 
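Review bot: `tryToCreateIdentityRepository` now returns the `AgentIdentityRepository` whatever `getStatus()` reports, and logs "Connected to SSH agent" even for `NOTRUNNING` or `UNAVAILABLE`; the removed code refused an agent that held no identities. Filtering before returning, `.filter(repository -> repository.getStatus() == IdentityRepository.RUNNING)` after the `map`, keeps callers from treating an unusable agent as a credential source. The catch clauses in `trySshAgent` and `tryPageant` were also narrowed from `Throwable` to `Exception`, so a linkage error from the native-backed `runtimeOnly` libraries (for example `NoClassDefFoundError` or `UnsatisfiedLinkError`) may now abort the build instead of falling through to the next connector; whether the connectors wrap those internally is not visible here. A class-level Javadoc replacing the deleted one should state the probing order (junixsocket, then Unix domain socket, then Pageant).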
diff --git a/src/test/resources/id_rsa b/src/test/resources/id_rsa
new file mode 100644
index 00000000..a8722899
--- /dev/null
+++ b/src/test/resources/id_rsa
@@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,D3BCF7E3222F1C3A761EA57A141E9270 + +DRH5DYKap1POLEPgpsPLuK2mWvscRHIcOtMDvtnhdlhGgp4yoJDm8VfJd+0+CHcF +GzxAEYvsRvsk6oSyANvhpvW0neU/HsPeiXcREPIKaclZYDGI5WjMy0ZIUjxddOFP +HPN/xnIAkH2n83NSEsALpqT+h2oAbZ/T4o1pBxf18nhQMyifswhjgr4744kQeO9v +XWE0XWYhE9FBf+yGagRaUnSdVeWkbgKeXmbQ1pxmHXBCZqWHZBNQJlEE+XNLk0Qb +XOKwZ9Ees9+Gci9TetH1Pk5/3sO09f25MAE7pSQvX/JQ2PujLVG6dzj4p+a5T/Xm +U9M+Eg6cNEIm6Gkq2mcVJg+05/L5yoUTYayVMDsZFEWxuAJK6L8Qu4LTRLDt1hbr +qpAsPjwcE/rsfVhrNe+6ZfIv/6It52fzVisWv9qj1TGXiPZxaRagHN5k5fRNO1v+ +WOU2GgH9IJsKZcUPU++EovOQJ8G7ZW/0TBOnn2ZlAlOXWSBKPaq+l1WldplwmlpD +YNn7z4jcTPV+t/cW/qGtp2G0rtD+rqMcQ0qiwzs/eV7qk3+PoS9iM/7LJ5BtlS/t +NNi2N/z7gVqBRSsgDHHjxsbKGD3K3vvjvLCbfPt+xgXZz0Josv5atcNYvPl3RJ6c +WjIS4GzImmUHol3guh3cYyqDGWkRFfjIFHugDEhXtDLsz8/VXkOUwN6dsg676LuU +y7JeKCcyMeGrx0bdyLEGoFSxjc9BB2qDpRWz2VAD+XPd2AWOUd5r7DsUbSW7U8d0 +qXgu5xSQDzULpA2w6PzcZsW30GKOkhaIXnSmTUcaYQuJXVSjxq/nwvs+koEOTIGR +B3t1+wnblztf/i39zemwzeyAog1/SGuyrDmGH91YATeH/Kl+Gj5sGMEnnqohdShR +Tefo4YFENM7u6rOAJzEEiZ5VmGyzImamGnK2qPCdbZEPejHgS1fzfGUvBpDO6O9Z +ynERiQOg3zqbddQrZW6Gp3H60wx4CIZN6hMGhtsu/NyA1ussSUw/P2kTELRnX1Q8 +1/nGxlirn0vf2t6lYkoVfE3vFSg+Jj3vVY9O2BA5JmeRMJe2bxEyFGkMdfbjKtVy +mdmQ1eHtP/nVnbiQ93beZPtjijzg4c0szSktUtAc+iE1YjqWM4CgrpG6JmxqIXTc +owaJWEMAm9g7fA/5ANi9NMITPE4FWg6LB2iVjH2A7vxDoCI1f2Zmcc13qspw3S+E +1qLlXDkL1uEMFEdh/YfvE5p+8u0UWsbEpDsJPCcTc0LSfPe9ZxFEFayHZPhpWQOR +mLXyAmS4va7E0+T+UWL/uSOb1DFVQ4KXVpNgp600rO5+kU0fxHT3WJb4pbpR6El4 +9To9Dj3FeHTiEYca1zjtTl3Cc5vW4Bc3bX+2WjjyOQEuyh9J1vd5mK5KXxtD/bTg +ktkFMrRUyqaEgkBhRcTQDKGEq73795JnLNojSgT4agAjNfAFtvJnyo5x9KdfZ/lL +dYMHH74es1NTFibZSuT7h+boLS/5XyvLiU/xc5YbjWc6i8iW/2IEDOU7ROiuXDCt +cKUS/DrEDaJs3WS0eK5AAYisznJjk+DFQOlLOUjZ0RtFUq8PHvYdeYicGihLEay8 +oAQugNiof65ySQqT41BZGznaoHTKUMyl70JP1+mjFLgZbQIj5BD7PKZq7m+e8Dqg +slod8dPr937OSdxmDlQalibo+6HQWUyPkhyebtZO+Y7Ec0/TDm4QJxv7nnARlhCF +KSK+F0uVLOahrUiuP5m46yOxovH92u1/v16tuDpr4kYlNX+R/Iz70Yg/gAqjbueA 
+btEAEMrKYY5+vPhpVTpn/QE9I+Ow8OvKKa6b2xfhTUckwYKCZ4PywZgV5WXXUOY6 +t86/I4mcQISlYicUNAsrh5KjQdYPYMK5ZTTKXG97M2uczH21qkKnXSzca+M7U2NY +pr5xJwc6730T8PonDMxfXCPc5iyGWK/Hompv2hSCvmyINpkXrsgMTveTuR/TYY9W +DJGatxjir59Ul3y83hVNJ1ggylKBVMvCTT4PHAu1SFDYNqoCO8yOu3rubiRsaQvn +FnAWtR5ApfPNks3yWYDaDL5CJp7ClcEzuch4Sx+Jhpff87vIb3eHKLildasMKafb +Wj/IN5rfeda2c0i0nnXaGIs/0wyJQWa8Htxm9jzXzb3ryRxHaD2+4n78DtjrERtI +otB4htlpi1YGULFu8gR7zSGY3p5MjPr2xDMohDzYqYrECTUaEct2fVRxsNHSEre+ +KV41JGxwXbBJrE8b39sFvfDG3QzW8YOl/fo9IQYiU6OpenMtseJjmUE3IuGZKP+1 +XhNbHJ6CnThMSUE7lTKcSGMNuNX8XYnQCGXbAEYXzmen+dL1Zb0sOWvOXVjjssCP +-----END RSA PRIVATE KEY----- \ No newline at end of file