NBardelot commented on a change in pull request #12467:
URL: https://github.com/apache/airflow/pull/12467#discussion_r570375577
##########
File path: airflow/config_templates/config.yml
##########
@@ -2053,3 +2053,13 @@
type: string
example: ~
default: "NamedHivePartitionSensor"
+- name: ssh
+ description: ~
+ options:
+ - name: private_keys_algorithm_support
+ description: |
+ Comma separated list of ssh algorithms names (following `ssh-keygen`
naming) supported by
+ SSH hook
+ type: string
+ example: ~
+ default: "dsa,ecdsa,ed25519,rsa"
Review comment:
Hi, I've not been very available lately but I'd like to say that putting the
only control on the server-side is not the intended way the protocols like SSH
behave, in my opinion. Protocol negociation is made to reflect both the client
and server interests.
An Airflow instance might very well connect to a server that is not under
the control of its administrator. It is typically the case in large companies.
The administrator should be able to implement a policy, limiting protocols,
without depending on Paramiko or the server administrator.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
