Skip to content

dulwich: support interactive SSH key passphrase prompt in asyncssh vendor #255

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 25, 2023
Merged

dulwich: support interactive SSH key passphrase prompt in asyncssh vendor #255

merged 1 commit into from
Jul 25, 2023

Conversation

pmrowla
Copy link
Contributor

@pmrowla pmrowla commented Jul 20, 2023

Closes iterative/dvc#9737

  • Makes scmrepo behave the same as git when prompting for a passphrase
$ dvc import git@github.com:pmrowla/test-dvc-private.git data/data.xml
Importing 'data/data.xml (git@github.com:pmrowla/test-dvc-private.git)' -> 'data.xml'
Cloning test-dvc-private.git|                             |0.00/? [00:00,      ?obj/s]
Enter passphrase for key '~/git/scratch/test-ssh-passphrase/id_ed25519':

To track the changes with git, run:

        git add data.xml.dvc

To enable auto staging, run:

        dvc config core.autostage true

@pmrowla pmrowla self-assigned this Jul 20, 2023
@pmrowla
Copy link
Contributor Author

pmrowla commented Jul 20, 2023

We should also probably consider using a similar InteractiveSSHClient implementation in dvc-ssh instead of using the current ask_password/ask_passphrase options (which require the user to use those remote flags and prompt before we try to make any SSH connection or try any specific SSH keys)

related: iterative/dvc-ssh#3

@codecov-commenter
Copy link

codecov-commenter commented Jul 20, 2023
edited
Loading

Codecov Report

Patch coverage: 30.90% and project coverage change: -0.67 ⚠️

Comparison is base (c29edf7) 80.98% compared to head (4980cba) 80.31%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #255      +/-   ##
==========================================
- Coverage   80.98%   80.31%   -0.67%     
==========================================
  Files          27       27              
  Lines        4059     4114      +55     
  Branches      719      727       +8     
==========================================
+ Hits         3287     3304      +17     
- Misses        647      681      +34     
- Partials      125      129       +4
Impacted Files Coverage Δ
src/scmrepo/git/backend/dulwich/asyncssh_vendor.py 61.32% <30.90%> (-13.28%) ⬇️

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@pmrowla
Copy link
Contributor Author

pmrowla commented Jul 20, 2023

On the scmrepo side, some of this could also be generalized a bit more and re-used in git.credentials to implement full support for SSH auth in pygit2/libgit2 (which will require loading keys via asyncssh and then passing them into the pygit2 credential callbacks), but that can be done in a follow-up PR if/when needed

@pmrowla pmrowla force-pushed the asyncssh-interactive-passphrase branch from 39578bd to 4980cba Compare July 20, 2023 08:42
@efiop
Copy link
Contributor

efiop commented Jul 20, 2023

Good to know there is a way to detect key errors with asyncssh. That ask_pass stuff is from paramiko days, where it didn't have that mechanism.

@pmrowla pmrowla merged commit 2f9c281 into iterative:main Jul 25, 2023
@pmrowla pmrowla deleted the asyncssh-interactive-passphrase branch July 25, 2023 07:24
@pmrowla pmrowla mentioned this pull request Jul 25, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@efiop efiop efiop approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@pmrowla pmrowla

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

import: failing with SSH key-based authentication from a GitHub repo
3 participants
@pmrowla @codecov-commenter @efiop