tech-pkg: Re: Mozilla and Java

Subject: Re: Mozilla and Java
To: None <tech-pkg@NetBSD.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-pkg
Date: 07/23/2003 18:28:30
On Wed, 23 Jul 2003, Soren Jacobsen wrote:

> On 07/23 17:14, Jeremy C. Reed wrote:
> > (I also need to figure out how to do my wip updates without having to
> > enter my sourceforge password manually each time... a few minutes later
> > ... I see that Sourceforge allows storing of public keys and has a "Edit
> > CVS/SSH Shared Keys" webpage.)
>
> Of course, you'll still need to enter a password (for your _key_, not
> account) if you go with key-based authentication. So then you have to

I should have also mentioned ssh-add ...

> use ssh-agent and ssh-add to get around entering a password.  However,
> that still won't help you much if you want to update wip in a nightly
> cron job or something similar. I've got some rather nasty shell tricks
> to get around this, and 'attach' to a running ssh-agent (which I always
> have running -- I hate typing passwords, and I'm not worried about
> physical safety in my basement) so that I only type my key's password
> once.

I'd like to try patching ssh-add so it can have a feature like pgp's
PGPPASSFD.

 SSHPASSFD=3 ssh-add 3</my/passphrase/file

Or:

 SSHPASSFD=0; export PGPPASSFD
 echo "my-pass-phrase" | ssh-add

(And if SSHPASSFD is not set, then behave normally.)

> I suppose the other option would be to use a passwordless key and avoid
> all the ssh-agent stuff.

I was thinking about that first, but I guess I don't trust someone
redistributing that passphrase-less key. (Or maybe that doesn't matter?)

> Or, now that I think about it, it might not be so difficult to just
> checkout via pserver and then make a wipcvs (or whatever) alias that
> would call cvs -d:ext:blah@cvs.sf.net:/cvsroot/pkgsrc-wip and you could
> use that for comitting.

I'll have to try that. I guess I don't have to do the checkout again -- I
can probably just fix the CVS/Root files or use "
-d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/pkgsrc-wip"

That works for updating opax, but doesn't work here:

rainier:/usr/pkgsrc/wip$ cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/pkgsrc-wip update -dP XFree86
cvs server: Updating XFree86
cvs server: cannot open directory /cvsroot/pkgsrc-wip/wip/XFree86: No such file or directory
cvs server: skipping directory XFree86

(I can updated XFree86 fine with ssh method fine.)


Thanks for your ideas, Soren.

   Jeremy C. Reed
   http://www.reedmedia.net/