Better handling for temporary SSH keys

G-Node / gin-auth

G-Node Infrastructure Authentication Provider

Other

6 stars 8 forks source link

Better handling for temporary SSH keys #97

Open gicmo opened 8 years ago

gicmo commented 8 years ago

With PR #96 the handling of temporary SSH keys was introduced. Currently they are time based, i.e their lifetime is limited to X minutes. This might be problematic for git-cli sessions involving git annex which uses rsync and thus might open new ssh connections. If that takes longer than X minutes auth to the ssh server will stop working.

achilleas-k commented 8 years ago

I considered this. My thinking is that once an rsync transfer starts, it doesn't matter if the key gets invalidated during the transfer. It will be an issue if git annex chains multiple transfers. I'll have to check the internals more closely.

gicmo commented 8 years ago

From a quick look it seems we should be safe and git-annex is indeed multiplexing the ssh connection.