This is the mail archive of the
mailing list for the Cygwin project.
Re: cygport SSH_KEY variable
- From: Andrew Schulman <schulman dot andrew at epa dot gov>
- To: cygwin-apps at cygwin dot com
- Date: Sat, 27 Jun 2015 15:18:22 -0400
- Subject: Re: cygport SSH_KEY variable
- Authentication-results: sourceware.org; auth=none
- References: <558ED07A dot 3090406 at cornell dot edu>
> According to the documentation of SSH_KEY, "You'll need to set this if
> your private key isn't already loaded into a running ssh-agent(1), and
> it doesn't have one of the expected file names such as ~/.ssh/id_rsa."
> But I don't see in the source that cygport checks for one of the
> expected file names. Is this a cygport bug or just a documentation bug?
Neither, unless I'm mistaken. cygport doesn't explicitly check for the standard
key file names, it's true. Instead, it relies implicitly on ssh to do that work
for it. cygport calls lftp, which calls sftp, which calls ssh, which then uses
its standard logic of looking for keys in the expected locations, in a running
ssh-agent, or according to an IdentityFile setting in ~/.ssh/config.
When I was developing the cygport upload command, I considered reimplementing
ssh's logic of looking for keys. But with all of the above possiblities, it
would've been way too hard. So after some discussion on this list, I fell back
on allowing the user specify SSH_KEY, and loading that key into an ssh-agent.
So a more accurate statement would be:
You'll need to set this if your private key isn't in a place where sftp/ssh
can find it: one of the expected file names, such as ~/.ssh/id_rsa; loaded
into a running ssh-agent(1); or specified in IdentityFile in ~/.ssh/config.
See ssh(1), ssh_config(1), and ssh-agent(1) for details.
which I guess would be worth the extra space.
If you have an ssh key in a standard location, not loaded into an ssh-agent, and
you don't set SSH_KEY, please do test that cygport is able to use that key to
upload. If not, it's a bug.