'Re: [gentoo-dev] [PSA] If you ssh interactively to git.gentoo.org (somehow) let me know.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] [PSA] If you ssh interactively to git.gentoo.org (somehow) let me know.
From:       Alec Warner <antarus () gentoo ! org>
Date:       2020-04-27 17:34:20
Message-ID: CAAr7Pr9UFvTzMBdp2Hyv2o=Ji0M=tk5k9GOJ1pRdsAWDLpyNNw () mail ! gmail ! com
[Download RAW message or body]

On Mon, Apr 27, 2020 at 7:04 AM Kent Fredric <kentnl@gentoo.org> wrote:

> On Mon, 27 Apr 2020 09:43:44 -0400
> Mike Gilbert <floppym@gentoo.org> wrote:
>
> > He was replying to me. Your master connection will continue to work
> > just fine, as I said in my previous message.
>
> I must have lost something in grammar, because no matter how many times I
> read:
>
> > If you are authenticating that master connection as the "git" user, I
> > suspect it will not affect you. If you are using it to push to
> > gentoo.git, that is almost certainly the case.
>
> I interpret that as:
>
> - Anonymous fetch is fine
> - Authorised Push will fail
>

"If you are authenticating the master connection as the 'git' user then
this change will not affect you.
"If you are using controlmaster to push to git.gentoo.org, then you are
definitely authenticating as user=git because there is no other way to
commit to ::gentoo."


>
> But I guess my mistake is in that we don't push with "user@git ...", we
> push with "git@ ... ", and the SSH key is the gate keeper of "push will
> work", not the UID.
>
> Right?
>

A working ssh key for user=git is a necessary (but not sufficient)
component of a successful git push.


>
> So assuming you're using git@ for fetch *and* push, *then* it will
> continue to work.
>
> Right?
>

Correct.


>
> Forgive me for any potential idiocy, language and remembering the
> details of everything all the time is hard.
>

I don't actually expect people to know these details.

[Attachment #3 (text/html)]

<div dir="ltr"><div dir="ltr">On Mon, Apr 27, 2020 at 7:04 AM Kent Fredric &lt;<a \
href="mailto:kentnl@gentoo.org">kentnl@gentoo.org</a>&gt; wrote:<br></div><div \
class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Mon, 27 Apr 2020 \
09:43:44 -0400<br> Mike Gilbert &lt;<a href="mailto:floppym@gentoo.org" \
target="_blank">floppym@gentoo.org</a>&gt; wrote:<br> <br>
&gt; He was replying to me. Your master connection will continue to work<br>
&gt; just fine, as I said in my previous message.<br>
<br>
I must have lost something in grammar, because no matter how many times I read:<br>
<br>
&gt; If you are authenticating that master connection as the &quot;git&quot; user, \
I<br> &gt; suspect it will not affect you. If you are using it to push to<br>
&gt; gentoo.git, that is almost certainly the case.<br>
<br>
I interpret that as:<br>
<br>
- Anonymous fetch is fine<br>
- Authorised Push will fail<br></blockquote><div><br></div><div>&quot;If you  are \
authenticating the master connection as the &#39;git&#39; user then this change will \
not affect you.</div><div>&quot;If you are using controlmaster to push to <a \
href="http://git.gentoo.org">git.gentoo.org</a>, then you are definitely \
authenticating as user=git because there is no other way to commit to \
::gentoo.&quot;</div><div>  </div><blockquote class="gmail_quote" style="margin:0px \
0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <br>
But I guess my mistake is in that we don&#39;t push with &quot;user@git ...&quot;, \
we<br> push with &quot;git@ ... &quot;, and the SSH key is the gate keeper of \
&quot;push will<br> work&quot;, not the UID.<br>
<br>
Right?<br></blockquote><div><br></div><div>A working ssh key for user=git is a \
necessary (but not sufficient) component of a successful git push.</div><div>  \
<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br> So assuming \
you&#39;re using git@ for fetch *and* push, *then* it will<br> continue to work.<br>
<br>
Right?<br></blockquote><div><br></div><div>Correct.</div><div>  </div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"> <br>
Forgive me for any potential idiocy, language and remembering the<br>
details of everything all the time is hard.<br></blockquote><div><br></div><div>I \
don&#39;t actually expect people to know these details.</div></div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic