cygport upload seems to ignore SSH_KEY

Tue Nov 5 16:01:33 GMT 2024

On 2024-11-05 04:19, Andrew Schulman via Cygwin wrote:
>> On 2024-11-04 12:20, Federico Kircheis via Cygwin wrote:
>>> up until recently I've uploaded packages the following way
>>> export SSH_KEY=/path/to/id_rsa;
>>> cygport /path/to/file.cygport upload
>>> but today I got the following error
>>> cd: Fatal error: max-retries exceeded
>>> I've fixed it by copying my key in the .ssh folder
>>> cp $SSH_KEY ~/.ssh/id_rsa
>>> cygport /path/to/file.cygport upload
>>> So it is not blocking me, but I wanted to know if this was a known bug, or if I
>>> am the only one experiencing it.
>>
>> See
>> 	https://cygwin.github.io/cygport/cygport_conf.html#SSH_KEY
>> or
>> 	/usr/share/doc/cygport/html/manual/cygport_conf.html#SSH_KEY
>>
>> SSH_KEY
>>
>> DESCRIPTION
>>
>> Path to the SSH private key corresponding to the public key registered for
>> uploading on sourceware.
>> You'll need to set this if your private key isn't already loaded into a running
>> ssh-agent(1), and it doesn't have one of the expected file names such as
>> ~/.ssh/id_rsa.
>> Also, setting this allows cygport to determine if a passphrase is needed to
>> decrypt the key, and only prompt you for a passphrase if it's needed.
>> Otherwise, you'll be prompted for a passphrase every time you upload.
>>
>> Instead of `ssh-agent` and `ssh-add`, you can use `keychain` in your login
>> profile, which allows cross-session sharing, across X and terminal sessions, and
>> logouts, for example:
>> 	$ eval `/usr/bin/keychain --noask --eval ~/.ssh/id_rsa`
>> then
>> 	$ keychain ~/.ssh/id_rsa
> 
> I haven't used cygport up in a long time - I use git push now, and let scallywag
> build the packages - but this does seem like new wrong behavior. Surely he
> shouldn't have to use keychain to get cygport to work? According to the docs, as
> you cited, his method should work.

Using keychain is just a way of setting up, persisting, and sharing 
ssh-/gpg-agent sessions, so keys are kept available in long running agent 
sessions, across login sessions, without requesting passphrase input for some 
period.

Likely the issue could be permissions on his alternate location key file and 
directory/path, as libraries and clients are getting pickier about security 
issues and vulnerabilities, and openssh was recently updated, although cygport 
should diagnose any failures.

The message itself appears likely to have come from `lftp` invoked by
`cygport ... upload` /usr/share/cygport/lib/pkg_upload.cygpart failing to 
authenticate a connection, for some reason?

[Tried to look on lftp.tech website, but site access tried to force download and 
install of some huge Windows "Securigard privacy browser" installer to use the 
site! Killed and exited!]

-- 
Take care. Thanks, Brian Inglis              Calgary, Alberta, Canada

La perfection est atteinte                   Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter  not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer     but when there is no more to cut
                                 -- Antoine de Saint-Exupéry