https://bugzilla.mindrot.org/show_bug.cgi?id=2066
--- Comment #4 from Paul Wise <[email protected]> --- There are two keys: One is password-protected. This key is listed in the Hosts * IdentityFile in ~/.ssh/config and added to the ssh-agent with ssh-add -c, meaning it requires confirmation before use. The other is not password-protected. It is not added to the ssh-agent. Its use is command-limited on the server side to pulling from git repositories: command="/usr/bin/git-upload-pack ${SSH_ORIGINAL_COMMAND#* }",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa ... In order to use the passwordless key for git pull but not git push, I set GIT_SSH to a script that does this instead when connecting to a host that supports my passwordless key: unset SSH_AUTH_SOCK <--- This part is a workaround for this bug (2066) ssh -o 'ControlMaster auto' -o 'ControlPath ~/.ssh/git-control-%l->%r@%h:%p' -i ~/.ssh/my-git-key "$@" -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
