You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As jcraft:jsch is not maintained any more, it will not receive any new encryption ciphers and will continue to support outdated potentially insecure ciphers.
Alternatives considered
No response
Additional context
I stumbled upon this whole situation when I wanted to connect to a git server using a ssh url and it did not work because I used a newer open ssh version to generate my private key.
The new fork does not support this new format as well, but there is at least an issue for it: mwiede/jsch#31
The text was updated successfully, but these errors were encountered:
Because jgit project have already moved to switch ssh library to apache-mina-sshd, I think it is no active reason for jgit project to work for it. You can use mwiede/jsch with your own risk by configuring your software project, for example in Gradle,
implementation 'org.eclipse.jgit:org.eclipse.jgit:5.13.1.202206130422-r'// Original JSch is unmaintained and dead, so we use forked version, mwiede/jsch// to fix BUGS#1075, and to support elliptic curve ciphers and improved ssh agent
implementation 'com.github.mwiede:jsch:0.2.3'// https://mvnrepository.com/artifact/org.eclipse.jgit/org.eclipse.jgit.ssh.jsch
implementation ('org.eclipse.jgit:org.eclipse.jgit.ssh.jsch:5.13.1.202206130422-r') {
exclude module: 'jsch'
}
Description
com.jcraft:jsch is effectively dead (last release from november 2018), but there is an actively maintained fork: https://github.com/mwiede/jsch.
Please consider switching to this fork.
Motivation
As jcraft:jsch is not maintained any more, it will not receive any new encryption ciphers and will continue to support outdated potentially insecure ciphers.
Alternatives considered
No response
Additional context
I stumbled upon this whole situation when I wanted to connect to a git server using a ssh url and it did not work because I used a newer open ssh version to generate my private key.
The new fork does not support this new format as well, but there is at least an issue for it: mwiede/jsch#31
The text was updated successfully, but these errors were encountered: