When a specific private key needs to be used with a repository, manually
specifying it via 'core.sshCommand' is not ideal. This option allows a
keyfile to be specified in the local configuration. If a keyfile is
specified, SSH agents are disabled for the command.
Signed-off-by: Raymond E. Pasco <ray@xxxxxxxxxxxx>
---
I've encountered the need to specify a specific SSH key to be used with
a repository, and overriding the whole ssh command isn't great. I have
only tested this with OpenSSH.
connect.c | 32 ++++++++++++++++++++++++++++----
1 file changed, 28 insertions(+), 4 deletions(-)
diff --git a/connect.c b/connect.c
index 23013c6344..dc7c75ead3 100644
--- a/connect.c
+++ b/connect.c
@@ -1104,8 +1104,9 @@ static struct child_process *git_connect_git(int fd[2], char *hostandport,
* `args` for running ssh in Git's SSH-tunneled transport.
*/
static void push_ssh_options(struct argv_array *args, struct argv_array *env,
- enum ssh_variant variant, const char *port,
- enum protocol_version version, int flags)
+ enum ssh_variant variant, const char *keyfile,
+ const char *port, enum protocol_version version,
+ int flags)
{
if (variant == VARIANT_SSH &&
version > 0) {
@@ -1144,6 +1145,26 @@ static void push_ssh_options(struct argv_array *args, struct argv_array *env,
if (variant == VARIANT_TORTOISEPLINK)
argv_array_push(args, "-batch");
+ if (keyfile) {
+ switch (variant) {
+ case VARIANT_AUTO:
+ BUG("VARIANT_AUTO passed to push_ssh_options");
+ case VARIANT_SIMPLE:
+ die(_("ssh variant 'simple' does not support setting keyfiles"));
+ case VARIANT_SSH:
+ argv_array_push(args, "-a");
+ argv_array_push(args, "-i");
+ argv_array_push(args, keyfile);
+ break;
+ case VARIANT_PLINK:
+ case VARIANT_PUTTY:
+ case VARIANT_TORTOISEPLINK:
+ argv_array_push(args, "-noagent");
+ argv_array_push(args, "-i");
+ argv_array_push(args, keyfile);
+ }
+ }
+
if (port) {
switch (variant) {
case VARIANT_AUTO:
@@ -1169,6 +1190,7 @@ static void fill_ssh_args(struct child_process *conn, const char *ssh_host,
int flags)
{
const char *ssh;
+ const char *keyfile;
enum ssh_variant variant;
if (looks_like_command_line_option(ssh_host))
@@ -1200,14 +1222,16 @@ static void fill_ssh_args(struct child_process *conn, const char *ssh_host,
argv_array_push(&detect.args, ssh);
argv_array_push(&detect.args, "-G");
push_ssh_options(&detect.args, &detect.env_array,
- VARIANT_SSH, port, version, flags);
+ VARIANT_SSH, keyfile, port, version, flags);
argv_array_push(&detect.args, ssh_host);
variant = run_command(&detect) ? VARIANT_SIMPLE : VARIANT_SSH;
}
+ git_config_get_string_const("ssh.keyfile", &keyfile);
+
argv_array_push(&conn->args, ssh);
- push_ssh_options(&conn->args, &conn->env_array, variant, port, version, flags);
+ push_ssh_options(&conn->args, &conn->env_array, variant, keyfile, port, version, flags);
argv_array_push(&conn->args, ssh_host);
}
--
2.26.1
