iterative / dvc-ssh

SSH/SFTP plugin for dvc

Apache License 2.0

1 stars 3 forks source link

Deprecate `ask_*` options #12

Open daavoo opened 1 year ago

daavoo commented 1 year ago

Though, another thing to note is that ask_* options are a bit of a legacy thing coming from paramiko's limitations, and asyncssh might be raising proper exceptions that would allow us to distinguish when we need to ask password or a passphrase. If you could confirm that, maybe we can just make ask_password and password obsolete and not add new options at all.

_Originally posted by @efiop in https://github.com/iterative/dvc-ssh/pull/3#discussion_r949020461_

pmrowla commented 1 year ago

This can be done by implementing the interactive methods in an asyncssh client subclass, see the scmrepo/dulwich implementation: https://github.com/iterative/scmrepo/pull/255#issuecomment-1643515083

pmrowla commented 7 months ago

52 implements the interactive methods required for 2fa with sshd `ChallengeResponseAuthentication`/`KbdInteractiveAuthentication` but is not a complete enough implementation to deprecate the current password/passphrase prompts entirely

This would need testing with more sshd configs in the future before it's probably safe to drop the ask_* options

iterative / dvc-ssh

Deprecate `ask_*` options #12

52 implements the interactive methods required for 2fa with sshd ChallengeResponseAuthentication/KbdInteractiveAuthentication but is not a complete enough implementation to deprecate the current password/passphrase prompts entirely

52 implements the interactive methods required for 2fa with sshd `ChallengeResponseAuthentication`/`KbdInteractiveAuthentication` but is not a complete enough implementation to deprecate the current password/passphrase prompts entirely