eclipse-ditto#985 add reference to SSH RFC and hint about possible pe…

…rformance impact of using ssh tunneling Signed-off-by: Dominik Guggemos <dominik.guggemos@bosch.io>
bosch-io · Mar 26, 2021 · 79f6477 · 79f6477
1 parent 2b49516
commit 79f6477
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/documentation/src/main/resources/jsonschema/connection.json b/documentation/src/main/resources/jsonschema/connection.json
@@ -513,7 +513,7 @@
               "username": {
                 "$id": "/properties/sshTunnel/properties/credentials/properties/username",
                 "type": "string",
-                "title": "The username user for authentication.",
+                "title": "The username for authentication.",
                 "description": "A valid username.",
                 "examples": [
                   "tunnel-user"
@@ -523,7 +523,7 @@
                 "$id": "/properties/sshTunnel/properties/credentials/properties/password",
                 "type": "string",
                 "title": "The password for authentication.",
-                "description": "A valid password. Only required for type `password`.",
+                "description": "A valid password. Only required for type `plain`.",
                 "examples": [
                   "*****"
                 ]

diff --git a/documentation/src/main/resources/pages/ditto/connectivity-ssh-tunneling.md b/documentation/src/main/resources/pages/ditto/connectivity-ssh-tunneling.md
@@ -7,15 +7,18 @@ permalink: connectivity-ssh-tunneling.html
 
 ## SSH tunneling
 
-A managed connection supports establishing an SSH tunnel which is then used to connect to the actual target endpoint. 
+A managed connection supports establishing an SSH tunnel 
+(see section TCP/IP Port Forwarding of the 
+[Secure Shell (SSH) Connection Protocol, RFC4254](https://tools.ietf.org/html/rfc4254#section-7)) which 
+is then used to connect to the actual target endpoint. 
 This is useful when the target endpoint is not directly accessible but only via SSH. For this purpose the connection 
 configuration must specify the `sshTunnel` section, which contains the necessary 
 information to establish a local SSH port forwarding. The tunneling supports password and public key authentication and 
 host validation using public key fingerprints. If the tunnel is enabled the connection will establish an SSH 
 tunnel and afterwards use this tunnel to connect to the actual endpoint.
 
 The example below establishes an SSH tunnel via `ssh-host:2222` to the remote endpoint 
-`tcp://mqtt. eclipseprojects.io:1883`, using plain authentication and enabled host validation:
+`tcp://mqtt.eclipseprojects.io:1883`, using plain authentication and enabled host validation:
 
 ```json
 {
@@ -37,6 +40,9 @@ The example below establishes an SSH tunnel via `ssh-host:2222` to the remote en
 }
 ```
 
+{% include note.html content="When using SSH tunneling, keep in mind that it can have an impact on the transmission 
+performance of your connection compared to transmission performance of a direct connection." %}
+
 ### Public key authentication
 
 An SSH tunnel can also be authenticated using public key authentication. The credentials provided in the SSH tunnel