diff options
author | elijah <elijah@riseup.net> | 2014-05-21 16:44:31 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2014-05-21 16:44:31 -0700 |
commit | 894cc96b149363208bb86ffe035699e6648351e0 (patch) | |
tree | ed7e124b09769a1b2d2338369633e62e34dbefc0 | |
parent | 7f89d03d68f96e692da2653db30f8aae2ac1729b (diff) | |
download | leap_cli-894cc96b149363208bb86ffe035699e6648351e0.tar.gz leap_cli-894cc96b149363208bb86ffe035699e6648351e0.tar.bz2 |
fix, once and for all and forever, ssh problems with a weird kludge
-rw-r--r-- | lib/leap_cli/util/remote_command.rb | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/lib/leap_cli/util/remote_command.rb b/lib/leap_cli/util/remote_command.rb index 6972bbb..b4b2b1f 100644 --- a/lib/leap_cli/util/remote_command.rb +++ b/lib/leap_cli/util/remote_command.rb @@ -48,9 +48,34 @@ module LeapCli; module Util; module RemoteCommand # # For available options, see http://net-ssh.github.com/net-ssh/classes/Net/SSH.html#method-c-start # + # Capistrano has some very evil behavior in it's ssh.rb: + # + # ssh_options = Net::SSH.configuration_for( + # server.host, ssh_options.fetch(:config, true) + # ).merge(ssh_options) + # # Once we've loaded the config, we don't need Net::SSH to do it again. + # ssh_options[:config] = false + # + # Net:SSH is supposed to call Net::SSH.configuration_for, but Capistrano is doing it + # in advance and then disabling loading of configs. + # + # The result of this is the following: if you have IdentityFile in your ~/.ssh/config + # file, then the above code will transform the ssh_options by reading ~/.ssh/config + # and adding the keys specified via IdentityFile to ssh_options... + # AND IT WILL SET :keys_only TO TRUE. + # + # The problem is that :keys_only will disable Net:SSH's ability to use ssh-agent. + # With :keys_only set to true, it will not consult the ssh-agent at all. + # + # So nice of capistrano to parse ~/.ssh/config for us, but then add flags to the + # ssh_options that prevent's these options from being useful. + # + # The current hackaround is to force :keys_only to be false. This allows the config + # to be read and also allows ssh-agent to still be used. + # def ssh_options { - :config => "~/.ssh/config", + :keys_only => false, # Don't you dare change this. :global_known_hosts_file => path(:known_hosts), :user_known_hosts_file => '/dev/null', :paranoid => true |