gitea
/
tea
42
89
Fork 41
Code Issues 65 Pull Requests 7 Releases 13 Activity
Labels Milestones

improve ssh handling #277

Merged
6543 merged 13 commits from noerw/tea:improve-ssh-handling into master 2 years ago
Conversation 1 Commits 13 Files Changed 6
noerw commented 2 years ago
Collaborator
  • use protocol of existing remotes for fetch authentication
  • find & store ssh keys
  • add new remotes only as ssh if we have a working ssh setup

maybe this helps with #262
fixes #190
closes #261 (implements an alternative approach)

- use protocol of existing remotes for fetch authentication - find & store ssh keys - add new remotes only as ssh if we have a working ssh setup maybe this helps with #262 fixes #190 closes #261 (implements an alternative approach)
noerw added 3 commits 2 years ago
d5ab18eba7
checkout: use configured protocol for PR checkout
8b2b5c991b
login add: try to find a matching ssh key & store it in config
continuous-integration/drone/pr Build is failing
Details
bd964cc08b pr checkout: don't fetch ssh keys
noerw added the
kind/enhancement
 label 2 years ago
noerw added the
status/needs-reviews
 label 2 years ago
6543 commented 2 years ago
Collaborator

lint error

lint error
noerw added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
455269c142
fix import order
lunny reviewed 2 years ago
Dismissed
modules/config/login.go Outdated
if len(sshKey) == 0 {
login.SSHKey, err = login.FindSSHKey()
fmt.Println(login.SSHKey)
lunny commented 2 years ago
Owner

Please remove trace code.

Please remove trace code.
noerw marked this conversation as resolved
noerw added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
7c55588ea6
remove debug print statement
noerw added 1 commit 2 years ago
lunny reviewed 2 years ago
Dismissed
modules/config/login.go Outdated
}
// enumerate ~/.ssh/*.pub files
glob, err := utils.AbsPathWithExpansion("~/.ssh/*.pub")
lunny commented 2 years ago
Owner

But this require users to keep private keys with public keys on ~/.ssh.

But this require users to keep private keys with public keys on `~/.ssh`.
noerw commented 2 years ago
Poster
Collaborator

Anybody who has a different setup can still use the --ssh-key flag to override.
Also I have never seen any location different from ~/.ssh 🤔

Anybody who has a different setup can still use the `--ssh-key` flag to override. Also I have never seen any location different from `~/.ssh` 🤔
noerw commented 2 years ago
Poster
Collaborator

Ah, I misunderstood; you're talking about having private keys next to pubkeys.
That's a valid concern I guess. hmm

Ah, I misunderstood; you're talking about having private keys next to pubkeys. That's a valid concern I guess. hmm
noerw commented 2 years ago
Poster
Collaborator

So to summarize: Once we remove the check if the privkey file is next to the pubkey, it works for most cases:

  • ssh mode for new remotes is enabled, if a matching pubkey is found in ~/.ssh/
  • if ssh-agent is running & privkey isn't next to pubkey, ssh auth works as expected
  • if ssh-agent is not running & privkey is next to pubkey, ssh auth works as expected
  • if ssh-agent is not running & privkey isn't next to pubkey, ssh auth is broken.

To recover that last case, we could additionally search ~/.ssh/config for the gitea hostname, I'm not sure that is worth it, don't know if people actually have a setup like this

So to summarize: Once we remove the check if the privkey file is next to the pubkey, it works for most cases: - ssh mode for new remotes is enabled, if a matching pubkey is found in ~/.ssh/ - if ssh-agent is running & privkey isn't next to pubkey, ssh auth works as expected - if ssh-agent is not running & privkey is next to pubkey, ssh auth works as expected - if ssh-agent is not running & privkey isn't next to pubkey, ssh auth is broken. To recover that last case, we could additionally search `~/.ssh/config` for the gitea hostname, I'm not sure that is worth it, don't know if people actually have a setup like this
lunny commented 2 years ago
Owner

@noerw I did that set up and never used ssh-agent . :(

@noerw I did that set up and never used ssh-agent . :(
6543 commented 2 years ago
Collaborator

@lunny me too :D

@lunny me too :D
6543 marked this conversation as resolved
6543 added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
af23fb95b9 Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
77807faf28 Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
0712e7faa0 Merge branch 'master' into improve-ssh-handling
noerw added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
7d94a9545c
improve ssh-key value docs
khmarbaise approved these changes 2 years ago
Dismissed
khmarbaise left a comment
Collaborator

From my point of view this looks ok.

From my point of view this looks ok.
6543 added 2 commits 2 years ago
continuous-integration/drone/pr Build is passing
Details
a5d289ac27
fix merge-conflict relicts
6543 added this to the v0.6.0 milestone 2 years ago
6543 added 1 commit 2 years ago
continuous-integration/drone/pr Build is passing
Details
8029fbe8dd
rm named return & fix pwCallback nil check
lunny approved these changes 2 years ago
Dismissed
6543 approved these changes 2 years ago
Dismissed
6543 added
kind/bug
 and removed
status/needs-reviews
 labels 2 years ago
6543 merged commit 0f38da068c into master 2 years ago
6543 referenced this issue from a commit 2 years ago
Improve ssh handling (#277)
continuous-integration/drone/pr Build is passing
Details
The pull request has been merged as 0f38da068c.
Sign in to join this conversation.
Reviewers
Request review
No reviewers
Labels
Apply labels
Clear labels
kind/breaking kind/bug kind/build kind/dependency kind/deployment kind/docs kind/enhancement kind/feature kind/proposal kind/question kind/refactor kind/security kind/testing kind/translation priority/critical priority/high priority/low priority/medium reviewed/duplicate reviewed/invalid reviewed/wontfix skip-changelog status/blocked status/has-backport status/has-pull status/needs-backport status/needs-feedback status/needs-reviews status/wip upstream/gitea upstream/sdk
No Label kind/breaking kind/bug kind/build kind/dependency kind/deployment kind/docs kind/enhancement kind/feature kind/proposal kind/question kind/refactor kind/security kind/testing kind/translation priority/critical priority/high priority/low priority/medium reviewed/duplicate reviewed/invalid reviewed/wontfix skip-changelog status/blocked status/has-backport status/has-pull status/needs-backport status/needs-feedback status/needs-reviews status/wip upstream/gitea upstream/sdk
Milestone
Set milestone
Clear milestone
No items
No Milestone
v0.6.0
Assignees
Assign users
Clear assignees
No Assignees
4 Participants
Notifications
Due Date

No due date set.

Reference: gitea/tea#277
Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch 'noerw/tea:improve-ssh-handling'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes