Support recent SSH security settings

I would like to be able to use the regular fetch/pull/push commands (i.e. all remote interaction commands) from within GK when the remotes are located on a (self-hosted) Gitlab server where SSH was hardened to state-of-the-art security standards. Excerpt from the sshd_config of the server in question:

...
HostKey /etc/ssh/ssh_host_ed25519_key
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
Ciphers chacha20-poly1305@openssh.com
...

Weakening those settings is not an option.

Current Workaround: open a terminal (via ALT-T), then use the native git/ssh installation to perform fetch/push/pull.

Possible solutions
1) start using versions of libgit(2) / libssh(2) that support the above ciphers/hostkeys/algos (not sure if those already exist)
2) [preferred] add an "advanced option" to utilise a system-installed ssh/git client in place of the bundled libs for some or maybe all commands.

Under consideration Suggested by: Jonas Kaiser Upvoted: 21 Mar Comments: 5

Comments: 5

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators