improve ssh handling #277

Merged
6543 merged 13 commits from noerw/tea:improve-ssh-handling into master 2020-12-11 13:42:42 +00:00
Member
  • use protocol of existing remotes for fetch authentication
  • find & store ssh keys
  • add new remotes only as ssh if we have a working ssh setup

maybe this helps with #262
fixes #190
closes #261 (implements an alternative approach)

noerw added 3 commits 2020-12-07 17:51:38 +00:00
d5ab18eba7
checkout: use configured protocol for PR checkout
instead of defaulting to ssh if that is enabled
this might fix #262
8b2b5c991b
login add: try to find a matching ssh key & store it in config
possibly expensive operation should be done once
Some checks failed
continuous-integration/drone/pr Build is failing
bd964cc08b
pr checkout: don't fetch ssh keys
As a result, we don't try to pull via ssh, if no privkey was configured.
This increases the chances of using ssh only on a working ssh setup.
noerw added the kind enhancement label 2020-12-07 17:51:48 +00:00
noerw added the status/needs-reviews label 2020-12-07 17:54:12 +00:00
Owner

lint error

noerw added 1 commit 2020-12-07 17:56:15 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
455269c142
fix import order
lunny reviewed 2020-12-07 23:46:14 +00:00
Dismissed
@ -196,1 +262,4 @@
if len(sshKey) == 0 {
login.SSHKey, err = login.FindSSHKey()
fmt.Println(login.SSHKey)
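Review bot: the `fmt.Println(login.SSHKey)` on the last line of this hunk writes the discovered value to stdout unconditionally, which is leftover debug output and ends up in whatever consumes the command's output; remove it or move it behind a debug/verbose log. The `err` assigned from `login.FindSSHKey()` on the line above is also used without a visible check, so handle it before the value is printed or stored.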
Owner

Please remove trace code.

noerw marked this conversation as resolved
noerw added 1 commit 2020-12-08 00:17:44 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
7c55588ea6
remove debug print statement
noerw added 1 commit 2020-12-08 01:38:37 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
491be550cb
Merge remote-tracking branch 'upstream/master' into improve-ssh-handling
lunny reviewed 2020-12-08 02:18:26 +00:00
Dismissed
@ -100,0 +111,4 @@
}
// enumerate ~/.ssh/*.pub files
glob, err := utils.AbsPathWithExpansion("~/.ssh/*.pub")
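Review bot: the hardcoded `~/.ssh/*.pub` pattern on the last line of this hunk means discovery only sees keys that have a `.pub` file in that one directory, and a key kept elsewhere (for example one referenced through `IdentityFile` in `~/.ssh/config`) is skipped silently. Extend the `// enumerate ~/.ssh/*.pub files` comment to state that limitation and to name `--ssh-key` as the override, and check the `err` returned by `utils.AbsPathWithExpansion` before the pattern is used.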
Owner

But this requires users to keep private keys with public keys in `~/.ssh`.
Author
Member

Anybody who has a different setup can still use the `--ssh-key` flag to override.
Also I have never seen any location different from `~/.ssh`?
Author
Member

Ah, I misunderstood; you're talking about having private keys next to pubkeys.
That's a valid concern I guess. hmm

Author
Member

So to summarize: Once we remove the check if the privkey file is next to the pubkey, it works for most cases:

  • ssh mode for new remotes is enabled, if a matching pubkey is found in ~/.ssh/
  • if ssh-agent is running & privkey isn't next to pubkey, ssh auth works as expected
  • if ssh-agent is not running & privkey is next to pubkey, ssh auth works as expected
  • if ssh-agent is not running & privkey isn't next to pubkey, ssh auth is broken.

To recover that last case, we could additionally search `~/.ssh/config` for the gitea hostname. I'm not sure that is worth it; I don't know if people actually have a setup like this.
Owner

@noerw I did that setup and never used ssh-agent. :(
Owner

@lunny me too :D

6543 marked this conversation as resolved
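
The four agent/private-key cases summarized in the thread above, as an added Go example (not code from tea or from this PR). `classify` and its parameters are hypothetical, and it assumes the server's registered keys are available as OpenSSH SHA256 fingerprints.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// fingerprint: OpenSSH SHA256 fingerprint of a public key line, "" if malformed.
func fingerprint(pubLine string) string {
	f := strings.Fields(pubLine)
	if len(f) < 2 {
		return ""
	}
	blob, err := base64.StdEncoding.DecodeString(f[1])
	if err != nil {
		return ""
	}
	sum := sha256.Sum256(blob)
	return "SHA256:" + base64.RawStdEncoding.EncodeToString(sum[:])
}

// classify (hypothetical helper) finds a server-registered pubkey in sshDir.
// agentSock is SSH_AUTH_SOCK: a hint only, the agent may not hold that key.
func classify(sshDir string, serverFPs map[string]bool, agentSock string) (string, bool, string) {
	paths, _ := filepath.Glob(filepath.Join(sshDir, "*.pub"))
	for _, p := range paths {
		data, _ := os.ReadFile(p) // unreadable file gives "" and is skipped below
		if !serverFPs[fingerprint(string(data))] {
			continue
		}
		_, statErr := os.Stat(strings.TrimSuffix(p, ".pub"))
		switch {
		case statErr == nil:
			return p, true, "private key file next to pubkey"
		case agentSock != "":
			return p, true, "no key file, relying on ssh-agent"
		}
		return p, false, "no key file and no ssh-agent"
	}
	return "", false, "no local pubkey is registered on the server"
}

func main() {
	fmt.Println(classify(os.ExpandEnv("$HOME/.ssh"), map[string]bool{}, os.Getenv("SSH_AUTH_SOCK")))
}
```

The third return value names the case that applied, so a caller can fall back to HTTPS remotes when the second is false.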
6543 added 1 commit 2020-12-08 11:31:01 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
af23fb95b9
Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2020-12-08 17:49:20 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
77807faf28
Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2020-12-08 22:55:11 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
0712e7faa0
Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2020-12-09 14:36:44 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
7d94a9545c
improve ssh-key value docs
khmarbaise approved these changes 2020-12-09 19:37:22 +00:00
Dismissed
khmarbaise left a comment
Member

From my point of view this looks ok.

6543 added 2 commits 2020-12-11 10:39:30 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
a5d289ac27
fix merge-conflict relicts
6543 added this to the v0.6.0 milestone 2020-12-11 10:55:34 +00:00
6543 added 1 commit 2020-12-11 13:35:32 +00:00
All checks were successful
continuous-integration/drone/pr Build is passing
8029fbe8dd
rm named return & fix pwCallback nil check
lunny approved these changes 2020-12-11 13:36:24 +00:00
Dismissed
6543 approved these changes 2020-12-11 13:36:55 +00:00
Dismissed
6543 added kind/bug and removed status/needs-reviews labels 2020-12-11 13:37:16 +00:00
6543 merged commit 0f38da068c into master 2020-12-11 13:42:42 +00:00
6543 referenced this issue from a commit 2020-12-11 13:42:42 +00:00