This patch resets the permissions of the ssh secret key to 600, which is necessary for ssh to accept the key for use in connecting to the servers. It also automatically prompts for unlock if the repository is still git-crypt locked.
While git claims to track the mode of files, it only tracks two components: file type (file/directory/symlink) and the execute bit. It presumes that the rest of the bits should be set as 644, which breaks ssh because the key permissions need to be 600. Any git-crypt operation (even unlocking an already unlocked repo) also makes doing this necessary.
This patch resets the permissions of the ssh secret key to 600, which is necessary for ssh to accept the key for use in connecting to the servers. It also automatically prompts for unlock if the repository is still git-crypt locked.
While git claims to track the mode of files, it only tracks two components: file type (file/directory/symlink) and the execute bit. It presumes that the rest of the bits should be set as 644, which breaks ssh because the key permissions need to be 600. Any git-crypt operation (even unlocking an already unlocked repo) also makes doing this necessary.
Signed-off-by: Amy Parker amy@amyip.net