On 12/19/2014 7:13 AM, Andrew Schulman wrote:
>> Here's what I have at the moment based on your branch as of a few weeks
>> ago. However, with password-protected SSH keys, the password prompt
>> isn't handled properly. Any ideas?
>
> OK, I've looked into this. It can be done, but the only solution I can see
> so far is ugly. Here's the deal:
>
> So this all kind of sucks. The only solution I can see so far is:
>
> (1) Run ssh -v cyg...@cygwin.com initially, and scrape stderr to find the
> file name of the key that's being used. (Between ssh-agents, IdentityFile
> entries in .ssh/config, and default key file names, I don't think there's
> any other sane way to figure out what key file ssh will use.)
>
> (2) Run ssh-keygen -y or similar, to figure out whether the key is
> encrypted.
>
> (3) If the key is encrypted, run
>
> lftp sftp://cyg...@cygwin.com
>
> so lftp will prompt for the passphrase. If it's not encrypted, run
>
> lftp sftp://cygwin:@cygwin.com
>
> and lftp won't prompt.
>
> Is this solution acceptable? It's ugly and slow (an extra ssh connection),
> but I guess it should be reliable.
Would be enough to default to prompting for the password but allow the
user to define a variable in /etc/cygport.conf or ~/.cygport.conf to
override the behavior? That variable could either be a boolean or
perhaps the entire connect string for lftp, or even a lftp bookmark.
Personally I use an encrypted key and ssh-agent. It's not a huge deal if
lftp prompts me for a password because I can just press Enter to have it
use ssh-agent, but it would be nice if I didn't have to.
--
David Rothenberger ---- daver...@acm.org
"It ain't over until it's over."
-- Casey Stengel
