[PATCH] gnu: open-ssh-session: Don’t require public key.

  • Done
  • quality assurance status badge
Details
2 participants
  • Ian Eure
  • Christopher Baines
Owner
unassigned
Submitted by
Ian Eure
Severity
normal

Debbugs page

I
I
Ian Eure wrote on 6 Apr 16:17 -0700
[PATCH] gnu: open-ssh-session: Don’t requ ire public key.
(address . guix-patches@gnu.org)(name . Ian Eure)(address . ian@retrospec.tv)
b26edae0cd07082f812c6ab65d934ece9d0d3a4f.1712445373.git.ian@retrospec.tv
* guix/scripts/offload.scm (open-ssh-session): Delete `public' binding.
Public keys aren’t required for client connections, and this binding is
unused. The behavior of assuming a ".pub"-suffixed file exists in the same
directory as the secret key is undocumented and surprising.

Change-Id: I9b532be2abe68dae0323e4ef6e1ceab1e5603359
---
guix/scripts/offload.scm | 3 ---
1 file changed, 3 deletions(-)

Toggle diff (18 lines)
diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm
index 137e3b5fe3..93e9d3759c 100644
--- a/guix/scripts/offload.scm
+++ b/guix/scripts/offload.scm
@@ -213,9 +213,6 @@ (define* (open-ssh-session machine #:optional max-silent-time)
When MAX-SILENT-TIME is true, it must be a positive integer denoting the
number of seconds after which the connection times out."
(let ((private (private-key-from-file* (build-machine-private-key machine)))
- (public (public-key-from-file
- (string-append (build-machine-private-key machine)
- ".pub")))
(session (make-session #:user (build-machine-user machine)
#:host (build-machine-name machine)
#:port (build-machine-port machine)

base-commit: ab3731d255ff1ac8d6874bc0f68ad94f21f08e79
--
2.41.0
C
C
Christopher Baines wrote on 7 Apr 12:32 -0700
Re: [bug#70249] [PATCH] gnu: open-ssh-session: Don ’t require public key.
(name . Ian Eure)(address . ian@retrospec.tv)
87zfu5dl3s.fsf@cbaines.net
Ian Eure <ian@retrospec.tv> writes:

Toggle quote (10 lines)
> * guix/scripts/offload.scm (open-ssh-session): Delete `public' binding.
> Public keys aren’t required for client connections, and this binding is
> unused. The behavior of assuming a ".pub"-suffixed file exists in the same
> directory as the secret key is undocumented and surprising.
>
> Change-Id: I9b532be2abe68dae0323e4ef6e1ceab1e5603359
> ---
> guix/scripts/offload.scm | 3 ---
> 1 file changed, 3 deletions(-)

I can't see how this binding is used either, so I've pushed this to
master as 298aed72a2a76be33f9a55bed22636acd7a4f9b9.

Chris
-----BEGIN PGP SIGNATURE-----

iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmYS9OdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh
aW5lcy5uZXQACgkQXiijOwuE9XejmRAApmPt25lJFx4B3HelZHjjX6hDUHPjcGtT
Fp6F99j4V5v25kLy3JwPT1cTISwkJ8nA06oHfsNOp9UiQZ+hTYYdlwWvXirDGpRh
YFkXc9cYh85GBXwiIzU8GmXojho9onXTtHlOyKn8ABAxYKz7VJt5QpqJ2qOe9dqu
OEXD0bcS/TpG8eKasWfZgKv8BrT0CgSgIKF3T1XgcHZHPd+6S70r7pHcizRmY2PW
iS1e81YnuY05ljkYawxXxPB2vzPUIi6QsXNmrWm6MkYfZfDwaz0WfZv10tfXYgU3
8650JRcOAHpnkykSulkG1DxrcWq1u35yc2OlwQ+bR1/EzcJhhMWhwn+arZTOSmqH
S7O4NsRaMuTbSrmuhBkcikQM8oD+EOUDN8BPFKmF8orWQl+h+awwcniiudCTemyS
FlJroZOxJfMgmNgTRaJ15u58aL0qOM/zKgDrfUevVga3Km1cPezSvbxFqhCdIuOU
G2UpefscS8w6oYYS8BRE1hGKZNjojLdRTsvJW/65F2J+PaoO4mf4+g3bzdzLYyt4
hPa3GX/tbvOJChTNGBVmE3FX6bcy3V00gaFIgyOFR/0VyKnpw01gFqKYbDXGIaNM
8efJm/t5zXZyVt8WoEtcuu/lY3xdDc7wVmUmoxHCJI/lDCJY062QfQj7fAhIgylo
Ux9kblALUM0=
=u0gD
-----END PGP SIGNATURE-----

Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 70249@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 70249
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch