bzr_access installation and usage
Eugene Wee
crystalrecursion at gmail.com
Sun Oct 18 06:40:31 BST 2009
Hi,
On Sun, Oct 18, 2009 at 4:28 AM, Vincent Ladeuil <v.ladeuil+lp at free.fr> wrote:
> You specify all the identify files you need (the keys you need
> for the all repos you want to access) in your ~/.ssh/config file
> and they will be tried until one succeeds.
>
> You use the key to enter the repo, no key, no repo, from there,
> bzr_access limits your access or not, then your committer id is
> really identifying you as the one creating the revisions you
> push, so any key is good.
Haha, I cannot believe that I missed the simple solution of one user
account with each user having their own key pair :D
However...
> ssh to the rescue !
> (...)
> Or you can revert the relation ship and have one key for each
> repo that your users should add to their identities (the drawback
> here is to either trust your users or revoke the keys if you want
> to redefine the allowed users).
It is in this scenario that I do not see how ssh comes to the rescue.
It is not the case that any key is good since using the key for repo1
to try and access repo2 should result in failure. One could manually
edit .ssh/config, but that does not seem like a convenient solution to
me, thus a user would need a utility like PuTTY's Pageant to readily
load the desired key.
Thanks,
Eugene
More information about the bazaar
mailing list