[MERGE] All ssh variants support authentication.conf
John Arbash Meinel
john at arbash-meinel.com
Wed Oct 15 21:37:58 BST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Aaron Bentley wrote:
> Hi all,
>
> There's currently no way for bzrlib clients to control the SSH username
> that is used. Well, there is, but only for those using Paramiko's ssh
> implementation rather than, say, OpenSSH.
>
> When authentication.conf was originally documented, the intent was for
> it to provide default SSH usernames:
>
> Note that ssh servers can be configured to use keys instead of
> (``user``, ``password``) and, when used with appropriate agents,
> provide the same kind of comfort this specification aims to provide
> for all other schemes. Since ssh agents provide a safer way to secure
> the passwords, this specification is restricted to providing ``user``
> but does not provide ``password``.
>
> But this was only implemented for Paramiko. (It also uses passwords.)
BB:approve
Just to make sure, for this change:
+ # paramiko requires a username, but it might be none if nothing was
+ # supplied. If so, use the local username.
if username is None:
- - username = auth.get_user('ssh', host, port=port)
- - if username is None:
- - # Default to local user
- - username = getpass.getuser()
+ username = getpass.getuser()
This is because we'll already be checking AuthenticationConfig before we
even get to the _paramiko_auth?
It sort of seems like using Auth should be in 'ssh.py' and not in
'remote.py'. (Because it is auth around an ssh connection.)
However, this works, and it is certainly reasonable to include.
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkj2VKYACgkQJdeBCYSNAANWMACgnpHycV4GqwH86IdGxKtw6fQI
l/AAoIJCP2ClgHLaqOW4Xl2/F6S3lhpn
=BHfa
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list