View previous topic :: View next topic |
Author |
Message |
gemi n00b
Joined: 10 Oct 2012 Posts: 31
|
Posted: Thu Oct 17, 2013 4:02 am Post subject: ssh-agent forward for emerge with git |
|
|
Hi,
I wrote my own overlay with layman and use git to host the overlay as well as the packages that I try to install.
When I emerge packages out of the overlay I get asked for the git repository password. Now I want to set it up in a way so it does not ask me for a password anymore. I added ssh keys so that a git clone of the desired packages works passwordless. I use ssh-agent for that.
However if I do and emerge of the package it still asks me for a password. I assume this has to do with emerge running as user portage.
This works fine passwordless:
Code: | eval `ssh-agent`
ssh-add deploy_rsa
git clone some_package
kill $SSH_AGENT_PID |
This does not work passwordless:
Code: | eval `ssh-agent`
ssh-add deploy_rsa
emerge -av some_package
kill $SSH_AGENT_PID |
How can that be fixed? I don't want to remove the security of the git host. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21619
|
Posted: Thu Oct 17, 2013 7:34 pm Post subject: |
|
|
You could create a password-less key that has read-only access to the repository. Give that key to Portage and retain the read-write key for yourself.
If you serve the repository over the Git protocol, you could have emerge download via the Git protocol instead of tunnelling over ssh. |
|
Back to top |
|
|
gemi n00b
Joined: 10 Oct 2012 Posts: 31
|
Posted: Thu Oct 17, 2013 11:35 pm Post subject: |
|
|
That is what I did. I have a passwordless key read only file to access the repository. Works great if I do a normal git clone .... But if I run the ebuild through the emerge comand, that does nothing other than a git clone, it does not work. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21619
|
Posted: Fri Oct 18, 2013 12:00 am Post subject: |
|
|
You checked that the read-only key is in the Portage user's .ssh directory and has the correct permissions, and it still does not work? What happens if you pass -v to the underlying ssh? Have you tested running the git clone by hand as the Portage user? |
|
Back to top |
|
|
gemi n00b
Joined: 10 Oct 2012 Posts: 31
|
Posted: Fri Oct 18, 2013 12:03 am Post subject: |
|
|
Ok, where is the portage user .ssh directory located?
So far I used ssh-agent and hoped that the environment variables get forwarded to emerge |
|
Back to top |
|
|
|