Specifying SSH key for JGit

nstbayless picture nstbayless · May 16, 2014 · Viewed 14.2k times · Source

I'm wondering how I can use jgit to connect to github using a specified ssh key file (i.e. one not in ~/.ssh/).

Unfortunately, I'm not sure how to use JschConfigSessionFactory properly. I've tried creating a setup just like the one in this article: Using Keys with JGit to Access a Git Repository Securely

I call git using git.push().setRemote(remotePath).call(); However, I get this error (specific repository omitted from log):

org.eclipse.jgit.api.errors.TransportException: https://github.com/user/repo: not authorized
    at org.eclipse.jgit.api.PushCommand.call(PushCommand.java:160)
    at gitio.GitInterface.pushToRemote(GitInterface.java:145)
    at engine.GitInterfaceTester.main(GitInterfaceTester.java:25)
Caused by: org.eclipse.jgit.errors.TransportException: https://github.com/user/repo: not authorized
    at org.eclipse.jgit.transport.TransportHttp.connect(TransportHttp.java:479)
    at org.eclipse.jgit.transport.TransportHttp.openPush(TransportHttp.java:396)
    at org.eclipse.jgit.transport.PushProcess.execute(PushProcess.java:154)
    at org.eclipse.jgit.transport.Transport.push(Transport.java:1173)
    at org.eclipse.jgit.api.PushCommand.call(PushCommand.java:156)
    ... 2 more

I've noticed that the custom overriden methods in JschConfigSessionFactory aren't ever actually invoked. This is almost certainly the cause of the problem... but don't know why they're not invoked; I pass the custom JschConfigSessionFactory to SshSessionFactory using SshSessionFactory.setInstance(sessionFactory);

Does anybody know what I'm doing wrong?

Answer

Rüdiger Herrmann picture Rüdiger Herrmann · May 16, 2014

GitHub uses password authentication for https URLs and public-key authentication for SSH URLs (see https://gist.github.com/grawity/4392747).

The SshSessionFactory is only consulted for SSH URLs like [email protected]:user/repo.git. To authenticate for an https URL you can use the CredentialsProvider. The base class for commands that may establish connections is TransportCommand and has a setCredentialsProvider() method. If you equip the PushCommand with a CredentialsProvider that supplies user name and password, you should be able to successfully establish a connection.

For further details about authenticating with JGit you may want to read this article: http://www.codeaffine.com/2014/12/09/jgit-authentication/