Thanks very much for the feedback and implementation suggestions.
If the only thing you are interested in supporting is a one-shot
invocation, i.e. giving which identity file to use from the command
line when you run either git push or git fetch,
Yes, this is the new option that could benefit the most people.
I think this workflow would be very fast and make it very easy to have
1 key per project right where you need it:
```
mkdir project
cd project
ssh-keygen -t rsa -N -f deploy.key
git init
echo deploy.key* .gitignore
echo Hello world readme.md
git add .
git commit -m Initial commit
git remote add origin g...@github.com:breck7/project.git
git push -u origin master -ssh -i deploy.key
```
This probably wouldn't be the option used most frequently, but could
be a neat option to have for both power users and new users.
For power users, I could see this being useful if you have many
projects that all have different keys.
For new users, I could see this is as a quick way to get out of
trouble if you are running into ssh problems.
-Breck
On Thu, Sep 12, 2013 at 8:43 AM, Junio C Hamano gits...@pobox.com wrote:
Jeff King p...@peff.net writes:
We already have GIT_SSH, so I would expect:
GIT_SSH='ssh -i $HOME/.ssh/id_for_example_com' git push
to work. But sadly, GIT_SSH does not use the shell, unlike most other
configure git commands. :(
You read me correctly ;-)
We could consider it a consistency bug and fix it, though I suspect we
may be annoying people on Windows who have spaces in their paths.
Again, you read me correctly ;-)
You could write a credential helper shell script that knows about
classes of remotes (e.g., selecting an identity file based on the
hostname), and write only a few lines to cover a large number of hosts.
Yes, but the same trick can be used in $HOME/.ssh/config to let one
entry cover the same large number of hosts, so...
For example:
#!/bin/sh
test $1 = get || exit 0
while IFS== read key val; do
test $key = host || continue
case $val in
*.example.com) echo sshident=com_key ;;
*.example.net) echo sshident=net_key ;;
esac
done
But it feels a bit hacky to be using the credential helpers at all for
ssh connections.
Yeah, perhaps.
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html