diff options
| author |  Joey Hess <joey@kitenet.net> | 2013-04-14 15:34:59 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2013-04-14 15:34:59 -0400 |
| commit | a6167fdc86c7431cf48e32dbf851132a21cf3bd3 (patch) | |
| tree | 968dfe825936798a1bf2e73dab4404d7a80cc833 /Assistant | |
| parent | 7a1165bc3ac8c9069ed6fd5043227d284dc6b83b (diff) | |
random ssh keys (╯°□°)╯︵ ┻━┻ gnome-keyring
assistant: Work around horrible, terrible, very bad behavior of
gnome-keyring, by not storing special-purpose ssh keys in ~/.ssh/*.pub.
Apparently gnome-keyring apparently will load and indiscriminately use such
keys in some cases, even if they are not using any of the standard ssh key
names. Instead store the keys in ~/.ssh/annex/, which gnome-keyring will
not check.
Note that neither I nor #debian-devel were able to quite reproduce this
problem, but I believe it exists, and that this fixes it. And it certianly
won't hurt anything..
Diffstat (limited to 'Assistant')
| -rw-r--r-- | Assistant/Ssh.hs | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Assistant/Ssh.hs b/Assistant/Ssh.hs index 98b21b13b..10eb025ac 100644 --- a/Assistant/Ssh.hs +++ b/Assistant/Ssh.hs @@ -160,11 +160,18 @@ genSshKeyPair = withTempDir "git-annex-keygen" $ \dir -> do {- Installs a ssh key pair, and sets up ssh config with a mangled hostname - that will enable use of the key. This way we avoid changing the user's - regular ssh experience at all. Returns a modified SshData containing the - - mangled hostname. -} + - mangled hostname. + - + - Note that the key files are put in ~/.ssh/annex/, rather than directly + - in ssh because of an **INSANE** behavior of gnome-keyring: It loads + - ~/.ssh/*.pub, and uses them indiscriminately. But using this key + - for a normal login to the server will force git-annex-shell to run, + - and locks the user out. Luckily, it does not recurse into subdirectories. + -} setupSshKeyPair :: SshKeyPair -> SshData -> IO SshData setupSshKeyPair sshkeypair sshdata = do sshdir <- sshDir - createDirectoryIfMissing True sshdir + createDirectoryIfMissing True $ parentDir $ sshdir </> sshprivkeyfile unlessM (doesFileExist $ sshdir </> sshprivkeyfile) $ do h <- fdToHandle =<< @@ -178,7 +185,7 @@ setupSshKeyPair sshkeypair sshdata = do setSshConfig sshdata [ ("IdentityFile", "~/.ssh/" ++ sshprivkeyfile) ] where - sshprivkeyfile = "key." ++ mangleSshHostName sshdata + sshprivkeyfile = "annex" </> "key." ++ mangleSshHostName sshdata sshpubkeyfile = sshprivkeyfile ++ ".pub" {- Setups up a ssh config with a mangled hostname. |