1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
Simple, when performing various git annex command over ssh, in particular a multi-file get, and using password authentication, git annex will prompt more than once for a user password. This makes batch updates very inconvenient.
> I'd suggest using ssh-agent, or a passwordless ssh key. Possibly in
> combination with [[git-annex-shell]] if you want to lock down a
> particular ssh key to only being able to use git-annex and git-daemon.
>
> Combining multiple operations into a single ssh is on the todo list, but
> very far down it. --[[Joey]]
>> OTOH, automatically running ssh in ControlMaster mode (and stopping it
>> at exit) would be useful and not hard thing for git-annex to do.
>>
>> It'd just need to set the appropriate config options, setting
>> ControlPath to a per-remote socket location that includes git-annex's
>> pid. Then at shutdown, run `ssh -O exit` on each such socket.
>>
>> Complicated slightly by not doing this if the user has already set up
>> more broad ssh connection caching.
>>
>> [[done]]! --[[Joey]]
---
Slightly more elaborate design for using ssh connection caching:
* Per-uuid ssh socket in `.git/annex/ssh/user@host.socket`
* Can be shared amoung concurrent git-annex processes as well as ssh
invocations inside the current git-annex.
* Also a lock file, `.git/annex/ssh/user@host.lock`.
Open and take shared lock before running ssh; store lock in lock pool.
(Not locking socket directly, because ssh might want to.)
* Run ssh like: `ssh -S .git/annex/ssh/user@host.socket -o ControlMaster=auto -o ControlPersist=yes user@host`
* At shutdown, enumerate all existing sockets, and on each:
1. Drop any shared lock.
2. Attempt to take an exclusive lock (non-blocking).
3. `ssh -q -S .git/annex/ssh/user@host.socket -o ControlMaster=auto -o ControlPersist=yes -O stop user@host`
(Will exit nonzero if ssh is not running on that socket.)
4. And then remove the socket and the lock file.
* Do same *at startup*. Why? In case an old git-annex was interrupted
and left behind a ssh. May have moved to a different network
in the meantime, etc, and be stalled waiting for a response from the
network, or talking to the wrong interface or something.
(Ie, the reason why I don't use ssh connection caching by default.)
* User should be able to override this, to use their own preferred
connection caching setup. `annex.sshcaching=false`
|
