Thanks very much for the feedback and implementation suggestions. > If the only thing you are interested in supporting is a one-shot > invocation, i.e. giving which identity file to use from the command > line when you run either "git push" or "git fetch", Yes, this is the new option that could benefit the most people. I think this workflow would be very fast and make it very easy to have 1 key per project right where you need it: ``` mkdir project cd project ssh-keygen -t rsa -N "" -f deploy.key git init echo "deploy.key*" > .gitignore echo "Hello world" > readme.md git add . git commit -m "Initial commit" git remote add origin git@xxxxxxxxxx:breck7/project.git git push -u origin master -ssh "-i deploy.key" ``` This probably wouldn't be the option used most frequently, but could be a neat option to have for both power users and new users. For power users, I could see this being useful if you have many projects that all have different keys. For new users, I could see this is as a quick way to "get out of trouble" if you are running into ssh problems. -Breck On Thu, Sep 12, 2013 at 8:43 AM, Junio C Hamano <gitster@xxxxxxxxx> wrote: > Jeff King <peff@xxxxxxxx> writes: > >> We already have GIT_SSH, so I would expect: >> >> GIT_SSH='ssh -i $HOME/.ssh/id_for_example_com' git push >> >> to work. But sadly, GIT_SSH does not use the shell, unlike most other >> configure git commands. :( > > You read me correctly ;-) > >> We could consider it a consistency bug and fix it, though I suspect we >> may be annoying people on Windows who have spaces in their paths. > > Again, you read me correctly ;-) > >> You could write a credential helper shell script that knows about >> classes of remotes (e.g., selecting an identity file based on the >> hostname), and write only a few lines to cover a large number of hosts. > > Yes, but the same trick can be used in $HOME/.ssh/config to let one > entry cover the same large number of hosts, so... > >> For example: >> >> #!/bin/sh >> test "$1" = "get" || exit 0 >> while IFS== read key val; do >> test "$key" = "host" || continue >> case "$val" in >> *.example.com) echo sshident=com_key ;; >> *.example.net) echo sshident=net_key ;; >> esac >> done >> >> But it feels a bit hacky to be using the credential helpers at all for >> ssh connections. > > Yeah, perhaps. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html