 And Harshit, I hope you had seen that I had uploaded the recordings for previous sessions. This is the 8th of June. It's get credentials binding the first mentoring session. Now that the recording has started. And I've got some notes for I didn't have anything on today's list of topics what topics would you like to put on it. I'm going to start sharing my screen and we can, we can capture those notes. Okay, Harshit, what what would you like as first topic and anything in particular. I mean, I mean the first PR for for the coding phase. Okay, great. And, and are you ready to show it to us are we ready to talk about it what would you what would you, or are there other topics I should put on the list as well that's that's great. Yeah, I will make a PR by today. I was just working on it. So I will make it back today. And I have to provide some test cases as well. Yes, absolutely if you can provide test cases. If, if you're not ready to provide test cases code that others could test interactively is also good. These things are to be merged in the master branch of the good client login right. Eventually, yes, that's correct. Yeah, so, so I guess to answer your question. If you submit code that has no test cases. Someone else will likely test it interactively give you feedback on their interactive test results and then tell you now you need to write automated tests. Interactive testing is good. Even if, even if you haven't yet created interactive if you even if you haven't created automated test yet interactive testing is still very valuable. Okay. Also, I just want to. I mean there was like, we have to set up the regular meeting meeting day or and the meeting schedule. Good, right. Schedule regular meetings during coding phase right. And currently we've got Tuesday. But we don't have any other day scheduled. And do you have a do you have a preferred. So it's currently we've got. And now this is, is this time okay for you and for, and for Rishabh the Tuesday at 830 am India standard time. Yes. And Rishabh you're sure it's okay for you with your work schedule. If you prefer the two night. If I have to start working my nine or nine 30 usually. If it's negotiable, then yeah, it would be great, but I can manage it. So, any objection from you, harsha, if we were to shift it to be 8am India standard time. I mean, we can fall back to 730 then. Yeah, I was trying to be merciful to to Rishabh's early morning wake up time. It's okay. We can keep 730 as well. If that's okay with harsha if you like the 730 time then it's okay. Okay, so 730. Absolutely. An hour before now then. Right, exactly. And now that that creates a potential conflict with the documentation office hours for Tuesday. But I think we can find a way around it. We could ask to reschedule documentation office hours or use a different zoom account. So we used to have these on Wednesday that that was a regular. That is correct. And we could shift them to Wednesday as well. That would that would be another alternative. We were doing this today because because we wanted you to be in the meeting. This was today shifted from Wednesday to Tuesday so that there was a clash I think in your schedule. Yeah, and that is that is correct. So, if Wednesday, 730 am India standard time works for everybody that's great. For me is that would be that's the time we did it before. How is that for you Justin, is that a workable time for you. So Tuesday evening 7pm your time. I think, right, right now what time is it right now your time it's. Right now. Yep. Yeah, 730 works for her, I guess I'd be seven. Yeah. Yeah, remember they're half they're there 11 and a half or 12 and a half hours off from you. Yeah, so. Okay, so Wednesday at 730 am India standard time. Do we want to do a second session each week, like we did last year. And if so when should the second session be. Yeah, for previous GSOP 2020 we kept it Wednesday and Friday Tuesday and Friday exactly remember but yeah we used to keep two sessions but I think it's entirely dependent on the students. If you have enough questions that you would like to ask within a week then we can have two sessions but if you think that one session is enough for your developer then I personally would like to have two sessions. So harsher what would you like you have based on your experience during community bonding in the development time. One session a week or two. I mean, for now I guess one session is fine, but in future I can switch to sessions if I. Absolutely. I assume that if you if you just say the word yes I would like a second session. A second session can be scheduled very quickly. Yeah I mean it's up to you. However you like it. Great. So and Justin. Mark to share credentials with Justin. I got permission to do that so I just need to send those to you I'll send them by email or by something a little more secure than email. Okay. Awesome. Hey, anything works for me. Great. I have like last past accounts and I can open up whatever else that there's something else. Very good. And if you if you've got a last pass that's, I have ways to do a one time sharing through other other things so this this will be easy. I'll just send it to you. Great. Three. Okay. So anything else we need to discuss today so harsher you mentioned that you're going to know what I guess one topic I had was we will need documentation included as well eventually have you given any thought to how to document it. Yeah, so I submitted a little, a little very little money change in the project idea. So, I also had a few questions about documentation. So, Mark and can you share should I or can you share the project proposal. Sure. Here, let's see so you, we want to look at the project proposal on the Jenkins IOS site. Or is it are you looking at it at somewhere else. Jenkins IOS site. Okay, great. So let's go here. And. Nope, not that one. Sorry. 2021 GSOC sub project. Here we are. Okay, good. And is that visible to everyone. Or am I on the wrong page. No, this is the one. Okay, good. All right, so. Yes, I wanted to know that implementation examples these, this heading has to be changed to implementations of the findings, or these have these are to be kept. And you can choose you should choose, choose much better. If you've got a better name for them. You are welcome to choose the better name. Absolutely this was just this was just the idea is what you're asking is do you have to use this name, and this name kind of thing is that what you're asking. Yeah. No, your, your choices were much better the ones we've reviewed that we've discussed much, much better. So the new, there's new friendly shoes. I think this, this can be removed now. Where do I have that even in this. Yeah, I don't even see a friendly issues on this page. Yes, it. This is, this is now the page that describes describes your project and so you don't need to mention friendly issues here for sure. Oh, I'm looking at the one thing I can open. Here should I just stop sharing and we can let you share your screen. Mark when you were referring to documentation, did you mean the plugin documentation. I did yes. I was looking at this, I think this is wrong. So this is what the project idea I was looking at that, but it has new new be friendly issues. Oh, right and so so the, the, the idea is the one the one I think you want to modify is the the actual page under the project. Yeah, yep. And there's actually a to do in there. Office hours. Right, right. We should, we should have you update that as well. Yeah, if you don't mind that'd be amazing. And actually you might even if you want to take a look at previous years, I think they keep those projects up. So you can see how they formatted that like as time goes on. If that makes sense. But we'll work with you on it too so. Justin, maybe we could offer a sample of the layout that has worked well from past years. Let's go find a one or more. Let's see. So if we were to look at previous years. 2020 there was this student he was a little bit of a problem last year but he did really good work. He was really mean to me. He was mean to you. He was mean to Justin. That's right. Okay. Okay, so here's maybe the opposite. Here's an example. I'm going to paste into the chat. If if it helps you so is an example of the final structure of last year's pays. Yeah, and you'll see that and get to you'll see it kind of like in that same structure. Right. Yeah, where it shows. Now we'll only have to evaluation phases not three but but it's the same kind of concept. Oh, stop, stop staying. No, no, you can you can keep sharing just click that hyperlink. And, and we'll look at we can look at it all together. So here you see details. And you would put in your you put in the correct details. And they're already there in the page in the 2021 page, basically background. And then, yeah, we could do we could have the section on deliverables certainly we've identified right that there is a username password pull request and a release of the get client plug in for it. And a passphrase based and a release, and possibly, and hopefully a past phrase protected private key and release. So this goes through the those various pieces. And then as you go further down the page, it will get you into links to steps that have happened later on. So performance enhancement was a later step. So here we go evaluation phase one. And that's that's coding phase one basically isn't that what that represented for us, Rishabh was this coding phase one. So what we're starting now and we'll run for what is it do we have four weeks in coding phase one or six. So, I think for your project you could maybe as as of this moment maybe you could have a design. Say, if you don't have a design document if you have, let's say the architecture or the design for this class the first binding you're making having that representation on the page would be because I think personally that people. It's easier for people to relate when they're looking at a blog and they this year. That's the first thing they see when they're because I think in your case you're going to go, you're going to explain your implementation that is how you're going to explain your project and that's a lot of code. The next way to represent it would be first to give a design to give a picture in any form, like the UML diagram, however you want to represent your class or your implementation, and then go with explaining that implementation. Yeah. So, we have 10 weeks of coding. Great to two five weeks. Yeah, so two five week sequences right. Yeah. Excellent. Okay. So, so the idea there is, but I guess harsh it back to the, the compelling value is the code that you're creating. This is great documentation. I'm not sure we want to derail you're creating that first pull request in order to update this documentation. Yes, you need to do the documentation here absolutely but getting that first pull request and seems seems very very valuable. I think with the documentation. It'll be good to get that stuff all up to date, for sure, but if you're kind of like ready and send your brain. Right. So we have first evaluation July 12. And I will drop offline beginning Wednesday. So, Justin, you and Rashab are in the lead. Much pressure. How do we live up to mark standards. Exactly. That's right because they're such awesome standards. Awesome. We're gonna miss you man. Well, thank you for, thank you for being willing to go forward. I had another topic if fear this, if you're adding another topic to the discussion list for today was related to SSH private keys with and without passphrase. So, decryption of them so yeah. Yeah, let's, so let's put it there so I should stop shading and you can share. That sounds great. Yeah, so then SSH decryption and and I've been a little bit ill recently Justin would it be okay if I made you the host and ran the risk that I might end up having to disconnect. Okay now we're going to try some magic so just a minute let's see if I can do it. I am now going to make you the host change the host to Justin. Okay, so Justin you should be the host so you should be able to do more stuff. And is there oh and it is still recording good okay. So, now, Richard you had a you had a comment on SSH decryption as an additional topic. So if you want to share your screen with the notes on it and that way we can have you talk us through what you've learned and take notes as you do it. If you want to start with that. Yeah, I think we're ready, unless hardship you have some other topic. I think we'd be ready to switch to to Rashab's topic. My, my Mac does not have permissions to hold on to zoom so I can either leave and come back or. Oh, what does that mean so you, I've made you host but you can't can't stay as host or. So I can stay as host but I just can't share my screen just because my Mac that hasn't given zoom privileges yet. Oh, yeah. I see you don't have to, but we don't need you to share we shop and share and. Okay, great. I see it. Yeah, so. So, last time we were discussing on a possibility of decrypting the open SSH private keys with bouncing as an API is and a few suggestion, even on there but basically what we found was that there were there are specs which bouncing has created which kind of gave us an hint. This, this is a spec which they created for the open SSH for the new format. So this kind of gave us an hint that there is a possibility, an area where we could bouncy castle could provide us the ability to decrypt those keys. So, so I was trying that I was I basically what I tried was that I created some test keys. I have pasted them here as well and I have them in my, you know, in another folder as well so they were created with the. I created three experiments one was basically SSH kitchen without providing any algorithm, the default one. Then it was with the 25519 and then with RSA. That's how I created three keys and all of them were with them without passphrase as well test both of them. So with the open SSH with bouncy castle, I was facing real issues. First of all, what I could find out was that with ED 25519. So if I have a private key, I hope you all can see. So I created a key called S255. Yeah. So this is pass, passphrase protected. And I have one without passphrase as well. This bouncy castle was able to pass and I was able to get the private key from the key factory Java private key implementation from the spec. That so I could do that with this algorithm if the key was created specifically with this algorithm. But I was facing an issue if the user was not mentioning the algorithm. So let's say if the if the user creates a key like this, then it was not able to pass it. So I was facing an issue with the passing logic of open SSH private key and I tried to find reasons for it, but I could not. And so one more thing I saw in their own. I actually have their clone their project as well. So I was for me, I personally found out that the best way to look how to use it was to look at the tests they have for for these classes. I'm trying to test use action. So, so what I'm sure about is that they've tested RSA here. So if you have a RSA private key, this can be read and decrypted using the bouncy castle APIs. If you have a DSA that also can be done. If it's easy DSA that also is covered here any 25519 is also covered here. But all of these keys are not past days protected because what I found out was and let me go to the document as well that if any SSH key is is being past days protected by the open SSH the SSH key gen then it is encrypted with this format with this algorithm. So, so what I could understand is that first we need to decrypt that and then get the private key and process it with the open SSH utility that bouncy castle has provided. So, with past days protected keys that was what I saw like I tried for any algorithm I gave in the open SSH format, it was not able to pass it. So that was the first thing I found out with this. So it was, it was always using AES 256 CPR as the cipher. Yes, that is what I saw with ED 25519 algorithm and with RSA. Both of them if they are past days protected. This is what it said when it was trying to decrypt it. I was debugging the code and it was able to get the cipher out of the key and it said and it does not support the cipher. And I can also show you in their implementation. In their implementation basically this is exactly this is the line where they try to get the cipher from the private key. And if you can look here, they basically expect that there is no cipher. If there is a cipher, then it says encrypted keys are not supported. That's fun. Yeah, so, so with bouncy castle I to be more clear, I was not able to pass any past days protected SSH key, but I was able to pass keys with these format without pass phase. With one issue that if the algorithm is not mentioned while creating the SSH key that that is RSA by default, but, but I am not sure why bouncy castle was creating an issue. Maybe I was doing something wrong. I'm not sure, but there was definitely an issue. It was not able to pass it. It says that it gives me the same error encrypted keys are not supported. So I actually kind of, yeah, these were the formats I could pass with the bouncy castle APS. But then I, if there is no questions, I went ahead and I looked at a different library. And that was really interesting because that was SSJ. And to my understanding SSJ is a Java implementation of SSH, SCP, SFDP clients. So with, with that library, I was able to pass every, if it's a pass phase protected key or without a password, I was able to read them and I was able to generate a private key out of that. So I had a very bad just this is the, this is basically so you just said something very bold. There you okay if I ask again, you said that you with by using the SSJ library, you were able to read all of the private keys both passphrase protected and not passphrase protected. Did I understand right. Well, that's great. So the thing I did was that they have this utility called open SSH key one five, and you just need to initialize it with if it's a bit if it's password protected, you need to give the passphrase the password. If it's not passphrase protected, then you just give the file keys are and then you initialize it and I couldn't get you can basically provide both the public and the private key and it keeps it like that. And this is essentially used to create SSH connection. So, SSJ will be used to create a SSH client something like this, and this SSH client will use this file open SSH key one key file to establish a connection. So, I was able to get the Java private key. This is what we want, right. As far as I know, my, my doubts then key, I had it out then how do we consume this how do you want to use this, because I was looking at get clients implementation and the way they were using the file and they're using it. So I was not entirely sure how how we're doing this. To my understanding I thought that what we're basically doing is that we're letting get CLI know that SSH has the keys and then they talk and they establish the connection. Is that how it happens, Mark? That's how it happens as far as I know what we what I believe the get client does is it takes a file from the Jenkins credentials system and writes that file to the local disk on the agent and sets an environment variable that tells where to find that file we wrote to the local disk and that file we wrote to the local disk is the private key file. Now in the case where it's passphrase protected it does even more heroics it writes the private key file and then it has to write a special response file that includes the passphrase as well. But I think you described it correctly Rashab it is that we write the private key file to a file on the agent and then we pass an environment variable that tells command line get where to find that file. Okay, so, so, so then my question is that I saw something. I'm sorry I was just looking at the code and I saw something which I which is interesting. So there's whoops, you were you were right at it go back up. Okay, create the passphrase file and I'll create further up. So this is this is. All right, so create the SSH key file on mine 2812 that's, that's, okay, given, here's the SSH private key, and it's being written as an open SSH private key file to that location. I understand this, this step and then then we have the passphrase file if we have that. And then in this step I saw that this is what I was looking at once. So this is basically a shell scripted it's trying to, this is what it will run right. Correct. So this is, this is the machine trying to establish a connection with the key. So what it is is this is a, this is a shell script that's being written that will handle. If I remember, this will also handle the, the, where is it. Yeah, there it is it will handle. I think this one also handles the passphrase. I'm sorry. Go ahead. I was just saying that SSH hyphen I that this means that we're trying to establish a SSH connection with private key right. This is what we're trying to do with this line. Correct. Okay, so once we do this. We can get CLI will be able to essentially talk to SSH and get the that's that's that's its responsibility to get the to access the private server. That's that's correct. This is, this is what I'd call in the world of get this is the old way of doing things. The new way of doing things is with get underscore SSH underscore command. And, but this old technique works with versions even as old as get 1.8, like on sento seven. So, so, but yes this technique that you, I think you've expressed it correctly it's, this is a shell script that's being written to the disk. And then the name of that show the path to that shell script is being path passed as the is it SSH ask pass or SSH. There is a get underscore there is a specific environment variable that's that is used to inform command line get. Oh, there it is. It is get underscore SSH. There yep. Well, actually I think the one that does the configure the SSH is get underscore SSH and then SSH ask pass is for for the, the passphrase protected. Yes, I think so. Yeah, that looks great. Then my question is that can we not use a Java employee Java client for SSH why, why do we maybe that's that's not connected to to our current issue. But then, I think it's eventually connected to our issue that if we're creating a Java private key. How are we, how will we translate this to the shell as such. If we create the private key in Java. We need to write it to the disk using something roughly like create SSH key file online 2012. We would take the Java representation of that private key and write it to disk on the agent, so that then command line get can use that file on disk. This is basically just teeing up everything for command lines get to take over. Okay, okay, so that means that then we need this private we need to this private because I, as far as I understand me. This is not decoded. Then we have to see how do we do that so I thought that this is this is the first step right that we get the private keys out of what we're able to read them and then we get the private keys. But then how do we since we're trying to write this into a file. Okay, so we would, we would want the exact same content to be written in a file. I think so, yes. Yeah, we don't have to do the decryption and then write that content. Well, the thing we have to decrypt is if it's passphrase protected. Right because. So if, if the, we, we don't, we would like to avoid having to separately deliver the passphrase to command line get if we could. That would be the preferred thing so that if we if the user gave us a passphrase protected private key, we could if we could decrypt and remove the passphrase protection so that the thing we write to the disk has the passphrase removed. That would be the best because then then we don't have to do anything that the agent and the command line SSH doesn't have to do any prompting for passphrase. Was that was I at all clear there, Rishabh, or have I spoken poorly. No, I think you're you. Yeah, that's what I understand. So that then that means that if I'm able to leave this private key. So if I'm able to read the private key with passphrase in this case then and if I'm able to get the private key out of it. That means that this likely is internally handling that. I haven't checked actually how it's doing that but so so from what I understand with this library is that we just have to provide the, the private key if it's a passphrase protected any provide that password. And it basically gives us the private key in the public. Essentially, we want to use that file to establish a SSH connection with their client, but I was concerned if it's it's going to give us the private key or not or it's just going to be considerable for the SSH client in the SSJ library. But since it does give us the opportunity to get the private or the public key. I think they should, they should work for us. And that sounds wonderful. That sounds really great so so I think what you're saying is you've, you think you've found a way with SSHJ to read passphrase protected private keys, and to write back a private key for the same exact key that is no longer passphrase protected or at least you think conceptually that should work. So I just need to know I'm not sure if I, so if your key is passphrase protected, and would I be able to get the private key out of it if it was not decrypted internally, and then let's say I would be able to see it's encoding and the algorithm it has that Well, you have to know you certainly must know the passphrase. Right. That's not it's not that you can get the passphrase without knowing it you have to know the passphrase in order to decrypt a passphrase protected private key. Yeah, yeah, that's true. That's true. So I have an engine. So if you this is a fully pass the passphrase, basically have to be in the password find it, and you have to pass the password as a carrier, and I created the passphrase as test to pass that to this file initialization with my SSH key. And in this case, the interesting thing was that I tried it with, without giving any algorithm, then with RSA and then with ED25519. And in their documentation, in SSJ's documentation, they do say that they support all of this format for open SSH. Yes, I think this is the, this is the, this is what the new format is called for open SSH. Great. Yeah, and I was able to see that that can be decrypted. And I actually did those. So I think he said something interesting in the doc from last week. I mentioned that the passphrase, I think that passphrase is salt for encrypting with, like, I think in your example is AES 256, either CBC or CTR. So I'm wondering if this library is just like trying, or either a there's an encryption header that says hey, I'm using this algorithm. I'm going to passphrase and I'll decrypt. And then it's just doing that. And then you've got private key. I'm wondering if that's what's going on, if that makes sense. It does, that's what I'm assuming is when it is doing that. It's not just reading the, like, if I can find that code. It's doing something with a site for that I didn't see in the code, but I did not actually debug it line by line and understand what he's trying to do. Yeah, that's no problem. So my assumption was if I'm able to get the private key out of it, if it's able to initialize it, a passphrase protected key, and it's giving me a private key because earlier when I was trying to use bouncy castle in this code, then I was not able to get generate the private even generate the private key in this case we and essentially this is what the key factory does it provides us with an instance of a private key with the generate private method. This is what it tries to give us and in this case I would I was able to get that. So I made an assumption that internally it is able to decrypt this that cipher and then give us the private key which is still encoded with the open SSH format. So, I guess the next step would be to just try to decode this into a to write this into a file and then try to establish a SSH connection. I guess that's that's how we would be sure that this will work. Do we have other topics to discuss for this meeting. I'm sorry. How should do you have questions, doubts, do you think this is a valid approach. Justin, can you hear me. Yeah. Oh, okay. Yeah, her shit did you have any topics, other topics that you'd like to discuss. Is this kind of helpful. No, this is fine. Actually, I didn't get this sound for a few, a few minutes so I had to refresh my browser. Oh, okay. Can you hear us okay now. Yeah. Okay, great. Well, and we'll have a recording uploaded hardship so you can review it later. Just go ahead. No, I'm sorry. I'm sorry. No, no, we shall go ahead. I was just saying that I think I should work. You can definitely try it. You can create three sets of four sets of things. I think an exhausted list of whatever possible. And then use this library to read them, get the private key and then write them into a file and then try to do what essentially get tried, but at least I don't think it's going to be a difficult experiment. I haven't been to the code of the SSH key file by the SSH library jail library. So actually they don't support DSA algorithm. Okay. And I'm not aware of anybody using the DSA algorithm anymore I thought it was long ago deprecated retired and and described as as weak. SSH agent can still generate keys in DS algorithm. So I think it could be a concern. Okay. So I can see SSH ED 25519 SSH RSA. I tried both of them. I did not try any other encryption and for this type of as of now. So I guess are the objective since in the last meeting I asked not what would be the benefit of using of doing this programmatically versus. I mean, with a Java native implementation and versus using the launch command and there were clear benefits of using a library within our within the Java code. So, if you want to use the benefits, and if we know that the formats which majority of users are going to use are supported and we're able to do what we want to then it should be a problem for us. And for the algorithms where we know it's not going to work we can fall back. Probably you would have to write some sort of a, I would say utility which would, which would have to understand the algorithm because in this case, with this API open SSH we won't have to specify the algorithm it is going to detect that on its own cell. If you would if you see that I have provided two files there I'm sorry for the messy but this this one and this one so one of them is RSA and one of them is ED 255 and if you see my console. I just want to bring the algorithm from the private units it's going to be able to get that from from the key itself we don't have to worry about the algorithm it is we have to the key is using because in the case of bouncy castle we, we had to worry about the encryption algorithm as well because the key factory will be initialized only. If you want to generate a private key with the key factory implementation, then we would have to do the algorithm by which the key was encrypted, and that is how we could generate a private key. In this case that is not the. That's not something that we worry about, at least for the supported formats. Yeah, and that seems very promising right go ahead Justin excuse me. Actually I was saying that the key factory like even if we know the algorithm. I'm not sure if we are using that form, I mean using the bouncy castle Jenkins plug in, even if we know the algorithm, we are like sure that it will be decode will be able to. Just stand your point and I'm not. Yeah, that's what I'm saying we don't have to use bouncy castle. That's what I'm saying. But then, yeah, we definitely have to see that this works end to end because even if we are able to generate the private key if you're not able to feed this to what the gate client is doing, then it is of no use to us that is an experiment we definitely have to be sure that this is going to work. So, yeah, that would be. I am not sure if you would have the time to do it because you already have to be there. Or maybe so. So currently with our schedule, how are we planning to do the. When are we planning to do the SSH is binding. Are we are we thinking that we first, oh, we're going to the planet first we're going to use the name password binding, and then push that to production. And then we think about SSH piece. What I had understood was that the goal was to try to get all the way to release with username password, hoping that it would be relatively quick. Okay, your eyes are you still you still okay with that idea. Sorry, harsh it I used the wrong name. That's really embarrassing and that was recorded to. I was just talking to derage seeing jota about documentation an hour ago. So sorry, harsh it. I'm still okay with us with the concept that we release username password first before before switching focus to SSH keys. Yes. Okay, then I think you don't need to worry about this idea. No, no, you have you have described a bunch of things that do need worrying but not for the first phase right. I mean, it may be one week and harsh it's immediately on this depending on how difficult the username password work is. So I guess. At this moment it's not the time it's I okay so we first look into getting down to production in the concern we have around them by the time maybe I could run that experiment of it's something I should would like to do. Yeah, I will definitely try it. Once I'm like sort of confident like the user credential binding is working as I predicted so I will definitely give it a try. Understood. So, that's that's it. Is there anything else we will think about to discuss. I guess administrative question for you, Mark, regardless, regarding dependencies. I think this looks like if we were to want to use SSHJ as a dependency like it's Apache 20. You know, I don't know if you have any procedural things you like to go through before taking on a dependency. If it's Apache. So good thing to check the license and include the proposed dependency in the pull request. I figured it was just that. I, it's been a long time since I added a dependency but certainly we added a much, much larger dependency than SSHJ, when we added J get and, and it's we've survived that experience. Excellent work Rashad that is really great on the SSH decryption work. Yeah. I'll just note that to you. Yeah, so you'd put the dependency in the palm dot XML file and that would then I believe automatically included inside the get client dot HPI file or Clint get client API file. Yep. Any other topics and before we close. See we've got a schedule for so Wednesday so Justin you'll do the scheduling of the Wednesday meetings. Yeah, and I, I guess I can do this async to but are you scheduling I think you're scheduling through Google meet and then just attaching a link to this. That way right are you scheduling through zoom. I've been scheduling through zoom and if if zooms okay for you zoom has the benefit that lets us record. I don't know that everybody gets to record on Google meet. So, sorry, Google calendar is what I meant. So, oh yeah so so I'll, I'll point you to the meeting that I, I defined that's currently defined each week on a Tuesday and all you'll need to do is redefine it to Wednesday. Yeah, you can just make the collaborative or whatever. Right. All right. Perfect. And then for recordings does this just kick out to like your email. If it doesn't you have to go download it from the zoom portal and upload it to the Jenkins YouTube channel. Okay, I can ask about that. Yeah. All right, thanks everybody. And Justin, it actually won't stop recording until you leave the meeting as the as the host. All right. Thank you very much. Mark, good luck. Yep. Cheers. Bye. Bye.