To configure SSH authentication, you will need to execute the following main steps:
In this step you will configure Artifactory's SSH authentication parameters. First you need to generate an SSH key pair for Artifactory. For example, on a Linux-based system, you could execute the following command.
ssh-keygen -t rsa -C "firstname.lastname@example.org"
Fill in the details for the Server Settings and the Server Keys.
Enable SSH Authentication
|When checked, SSH authentication is enabled.|
|The port that should be used for an SSH connection.|
Custom URL Base
|The Custom Base URL that should be used for SSH connections. Note that this is the same Custom URL Base configured in the Administration module under Configuration | General.|
Public key/Private key
|The key pair used for authentication.|
In this step, you will configure Artifactory with your public key so that you may be authenticated when sending requests to Artifactory from the Git LFS client or from the Artifactory CLI.
First, you need to generate a key pair. For example, on a Linux-based system, you could execute the following command:
ssh-keygen -t rsa -C "USER@domain.com"
Your public and private keys should be created under the
Update your public key under the SSH section of your User Profile.
To configure your Git LFS client, see Authenticating with SSH.
Controlling your SSH Server Security depends on your JFrog deployment:
You can now control ciphers, MACs, signatures, and key exchange algorithms that are accepted by the Artifactory SSH server.
These values are left empty/null by default, and can have values delimited by comma (,) similarly to the correlating properties and will be applied only if the corresponding artifactory.ssh.*.algorithms is not set.
From Artifactory 7.18.6, the following constant values have been added as 'Include Only' algorithms:
The Exclude patterns are:
From Artifactory 7.18.6, the additional system properties were added to the exclude patterns.
Deprecated values are not loaded by default.
Values (loaded by default)
Deprecated (not loaded unless configured by name)
Key Exchange Algorithms
Message Authentication Codes (MAC) Algorithms