This is the mail archive of the cygwin-apps mailing list for the Cygwin project.



Re: cygport improvements: upload, fish, src_prep_fini_hook


> > If SSH_KEY is set (in the environment, or in ~/.cygport.conf), then cygport will
> > load that key into an ssh-agent if necessary.  
> 
> Minor nit:  SSH_KEY as env var is so generic and easily confused with
> the variables set by ssh-agent.  Wouldn't something with CYGPORT in its
> name be better?  CYGPORT_SSH_KEY?

Either way is okay with me.  Yaakov, do you have a preference?

> > If SSH_KEY is not set, then it's just too hard to figure out what key ssh will
> > use.  To figure that out, we'd have to reproduce a bunch of logic in ssh,
> > including parsing the ssh config file, and that's not going to happen.  So, in
> > this case we just give up and give lftp the connect string
> > sftp://cygwin-rDBXBDvO6BXQT0dZR+AlfA@public.gmane.org, which will cause it to prompt for a passphrase every
> > time.
> 
> This puzzles me a bit.  Even if an ssh-agent is running?  Does lftp
> utilize a running ssh-agent?

Yes, it does.  lftp calls ssh to use as its network transport, so ssh-agent is
supported and all of the usual rules apply for which key ssh will use for the
connection.

But here's the problem:  I need to add the right key to ssh-agent before I run
lftp.  But which key is that?  It could be any of the standard key names, or the
user could specify an IdentityFile for cygwin.com in ~/.ssh/config.  To figure
it out I'd have to either:

(1) Reimplement the rules that ssh uses to decide which key to use, including
parsing ~/.ssh/config; or

(2) Get ssh to tell me which key it uses, by running an initial ssh connection
to cygwin.com and processing the output to get information about the key.

I've thought about both of these options, and they're hard.  They'd add
complexity and unreliability that I think aren't justified by the gain in ease
of use.

So, the fallback is just to make maintainers add SSH_KEY to their .cygport.conf
file, if they don't want to get prompted for a passphrase every time.  I think
it's an okay compromise.

Andrew
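
The "load SSH_KEY into an ssh-agent if necessary" behaviour discussed in this thread, as an added example that is not cygport's code and not part of the message above. Function names are hypothetical; it assumes OpenSSH's `ssh-keygen` and `ssh-add`, and `identity_candidates` goes beyond the thread by reading the output of `ssh -G` (OpenSSH 6.8 and later), which prints the configuration ssh resolves for a host.

```shell
#!/bin/sh
# Added example; not cygport's code. SSH_KEY is the variable named in the
# thread; every function name here is hypothetical.

# Print the fingerprint (2nd field of `ssh-keygen -lf`) of key file $1.
fingerprint_of() {
    ssh-keygen -lf "$1" 2>/dev/null | awk 'NR == 1 { print $2 }'
}

# Return 0 if fingerprint $1 is the 2nd field of a line in `ssh-add -l` text $2.
agent_has_fingerprint() {
    [ -n "$1" ] || return 1
    printf '%s\n' "$2" |
        awk -v fp="$1" '$2 == fp { found = 1 } END { exit !found }'
}

# Read `ssh -G <host>` output on stdin and print each identityfile value,
# expanding a leading ~ to $HOME. These are candidates only: ssh lists its
# default key names even when the files do not exist.
# Typical use: ssh -G cygwin.com | identity_candidates
identity_candidates() {
    awk -v home="$HOME" 'tolower($1) == "identityfile" {
        sub(/^[^ \t]+[ \t]+/, "")
        if (substr($0, 1, 1) == "~") $0 = home substr($0, 2)
        print
    }'
}

# Load $SSH_KEY into the agent unless its fingerprint is already listed.
# Returns 2 when SSH_KEY is unset so the caller can fall back to prompting.
ensure_key_loaded() {
    key=${SSH_KEY:-}
    [ -n "$key" ] || return 2
    [ -r "$key" ] || { echo "cannot read $key" >&2; return 1; }
    fp=$(fingerprint_of "$key")
    [ -n "$fp" ] || { echo "not a key file: $key" >&2; return 1; }
    # Empty or an error message when no agent is reachable or it holds no keys.
    listing=$(ssh-add -l 2>/dev/null) || true
    if agent_has_fingerprint "$fp" "$listing"; then
        return 0
    fi
    ssh-add "$key"   # prompts for the passphrase once per agent session
}
```

Comparing fingerprints rather than file names avoids a second passphrase prompt when the same key was already added to the agent under a different path.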

