Re: cygport improvements: upload, fish, src_prep_fini_hook

[David Rothenberger <daveroth at acm dot org>]

On 12/19/2014 7:13 AM, Andrew Schulman wrote:
>> Here's what I have at the moment based on your branch as of a few weeks 
>> ago.  However, with password-protected SSH keys, the password prompt 
>> isn't handled properly.  Any ideas?
> 
> OK, I've looked into this.  It can be done, but the only solution I can see
> so far is ugly.  Here's the deal:
> 
> So this all kind of sucks.  The only solution I can see so far is:
> 
> (1) Run ssh -v cygwin@cygwin.com initially, and scrape stderr to find the
> file name of the key that's being used. (Between ssh-agents, IdentityFile
> entries in .ssh/config, and default key file names, I don't think there's
> any other sane way to figure out what key file ssh will use.)
> 
> (2) Run ssh-keygen -y or similar, to figure out whether the key is
> encrypted.
> 
> (3) If the key is encrypted, run 
> 
>    lftp sftp://cygwin@cygwin.com
> 
> so lftp will prompt for the passphrase.  If it's not encrypted, run
> 
>    lftp sftp://cygwin:@cygwin.com
> 
> and lftp won't prompt.
> 
> Is this solution acceptable?  It's ugly and slow (an extra ssh connection),
> but I guess it should be reliable.

Would be enough to default to prompting for the password but allow the
user to define a variable in /etc/cygport.conf or ~/.cygport.conf to
override the behavior? That variable could either be a boolean or
perhaps the entire connect string for lftp, or even a lftp bookmark.

Personally I use an encrypted key and ssh-agent. It's not a huge deal if
lftp prompts me for a password because I can just press Enter to have it
use ssh-agent, but it would be nice if I didn't have to.

-- 
David Rothenberger  ----  daveroth@acm.org

"It ain't over until it's over."
                -- Casey Stengel