Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Set list of offered SSH authentication methods. #1159
Make the SSH authentication methods used by the server configurable,
For this, a
Since this also includes Kerberos authentication with GSS API, this obsoletes
This PR has been tested manually but doesn't include unit tests. All the existing unit tests still run, but I didn't find a good way to add anew one for the functionality, mostly because running a SshUnitTest with different start-up settings isn't supported and quick to implement elegantly. If someone has a suggestion, please comment.
Make the SSH authentication methods used by the server configurable, so that for example password authentication can be turned off. For this, a `git.sshAuthenticationMethods` setting is added which is a space separated list of authentication method names. Only the methods listed will be enabled in the server. This is modeled after the option of the same name from sshd_config, but it does not offer listing multiple required methods. It leaves the door open, though, for a later extension to support such a multi-factor authentication. Since this also includes Kerberos authentication with GSS API, this obsoletes the `git.sshWithKrb5` property. The latter is removed. Instead, to enable Kerberos5 authentication, add the method name `gssapi-with-mic` to the authentication methods list.