feat(ssh): allow to use pubkey auth

[alexandrebrg]

What changes are being made and why?

👋

SSH plugin command was missing authentication with asymmetric keys. I added an option to determine which option will be used in the SSH command (PASSWORD vs PUBLIC_KEY), with the ability to give a private key and a passphrase for it.

Moreover, JSch has been replaced by this fork. It's a drop-in replacement, with enhanced capabilities, especially in cryptography. Original version was only able to run ssh-rsa keys, which is a method deprecated nowadays in OpenSSL, and even more, it's disabled by default. (see here).

Based on my light research, this lib wasn't used by any other component, meaning it shouldn't impact other plugins. A little note here to talk about available algorithms, this lib will load various (most commons) algo depending on the java version is it built with (doc). If I remember well, Kestra must be built & run with at least java 17, so it should be good :D

How the changes have been QAed?

I'm running a simple docker-compose as described here, with the below flow and this additional docker compose service:

services:
  openssh-server:
    image: lscr.io/linuxserver/openssh-server:latest
    container_name: openssh-server
    hostname: openssh-server #optional
    environment:
      PUBLIC_KEY: ${ED255_19_PUB_KEY_HERE}
      PUID: 1000
      PGID: 1000
      TZ: Etc/UTC
      LOG_STDOUT: true
      PASSWORD_ACCESS: true
      USER_PASSWORD: password
    ports:
      - 2222:2222
    restart: unless-stopped

# Run the plugin with the two methods: password, public_key
id: hello-world
namespace: company.team
tasks:
  - id: "command"
    type: "io.kestra.plugin.fs.ssh.Command"
    host: openssh-server
    port: "2222"
    authMethod: PUBLIC_KEY
    username: linuxserver.io
    privateKey: ${ED_KEY}
    commands:
      - "touch i_was_here"
  - id: "command-password"
    type: "io.kestra.plugin.fs.ssh.Command"
    host: openssh-server
    port: "2222"
    authMethod: PASSWORD
    username: linuxserver.io
    password: password
    commands:
      - "touch i_was_here"

---

Setup Instructions

1. Generate key ssh-keygen -t ed255_19 -f keypair -P "" -N ""
2. Create a simple SSH server (see above)
3. Create flow like above
4. Run it, enjoy

[loicmathieu]

Hi, thanks a lot.
Overall it looks good, I suggest some small code changes to make it coherent with the way we declare plugin properties.

[alexandrebrg]

Hi, thanks a lot. Overall it looks good, I suggest some small code changes to make it coherent with the way we declare plugin properties.

Thanks for the review, I applied the changes

[loicmathieu]

LGTM, thanks a lot.

[alexandrebrg]

@loicmathieu Tests should now be passing properly :)

[loicmathieu]

LGTM thanks a lot