Add support for OpenSSH certificates, resolve #31#901
Conversation
norrisjeremy
left a comment
norrisjeremy
left a comment
There was a problem hiding this comment.
- Can you run
mvn formatter:formatto ensure that everything is formatted correctly? - Does this support SSH certs for host keys? If not, we need to add support for that too, as I'm opposed to only adding support SSH certs for user pubkey auth, w/o also adding support for SSH certs as host keys as well at the same time.
|
@norrisjeremy is there more feedback to this, as it would be nice to get to the finish line, thanks |
|
Hi @norrisjeremy, thanks for following up. I marked the comments as resolved on GitHub because I had already addressed them locally and didn’t want to lose track of your suggestions. I’m currently adding support for host keys as well (it’s nearly finished) and I’ll push everything together in the next update. Please let me know if you have any additional suggestions in the meantime. |
Hi @luigidemasi, Great, thanks! We are excited to have someone step up and contribute this work! Thanks, |
I added the support for Host Certificate, let me know wdyt. |
|
Great to see progress on this one. If we are getting close to the finish line it would be good to do the last review and update the reported findings so fingers crossed we can get this merged and released. Thank you. |
I probably won't have time to start reviewing this again until next week. |
Thanks for the update, no problem. Just glad we are on path to the goal line. |
|
Sorry to bother - but would be good to get this reviewed |
HI @davsclaus, Yes, I haven't forgotten, I will try to review it when I have some time available. Thanks, |
norrisjeremy
left a comment
norrisjeremy
left a comment
There was a problem hiding this comment.
Just a few initial comments, I still have a lot left to review.
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
e3194d7 to
7db8379
Compare
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
e382afb to
d5103ba
Compare
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
d5103ba to
647420f
Compare
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
647420f to
7a8050d
Compare
|
Looks like we need to run |
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
7a8050d to
36b3e80
Compare
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
36b3e80 to
d5fd786
Compare
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
d5fd786 to
db970b2
Compare
… Host Certificate
… code review for Host Certificate support
… code review for Host Certificate support - part2
… code review for Host Certificate support - part3
… code review for Host Certificate support - part4
|
this PR is open since September 2025. We're almost in April 2026 and every week there's a new comment about changing a log level, removing an empty line, reordering an import, checking what OpenSSH does for this edge case. I've addressed every round within days but there's always something new the week after. I'm tired of this. The OpenSSH behavior questions are fair, but they could have been raised months ago, not one at a time spread across half a year. So please review the whole thing, and tell me everything that's left. All of it, at once. I'll fix it. Then we merge. I'm not going to keep going back and forth on cosmetic stuff until September 2026. |
luigidemasi
force-pushed
the
openssh_certificate_support
branch
from
db970b2 to
85a6dc4
Compare
|
|
@luigidemasi I am basically fine with the PR and I am about to merge it. I even let Claude Code review it, and it does't have any critical findings. |
|
Hi @luigidemasi, Thank you for dedication and effort towards implementing this feature, and your patience working with us during the review process! @mwiede, I think we may want to increment the major version to 2.28 since this is a significant feature. Thanks! |
4 participants
No description provided.