From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 974 invoked by alias); 12 Nov 2015 09:22:35 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 955 invoked by uid 89); 12 Nov 2015 09:22:35 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.7 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 X-HELO: m0.truegem.net Received: from m0.truegem.net (HELO m0.truegem.net) (69.55.228.47) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-SHA encrypted) ESMTPS; Thu, 12 Nov 2015 09:22:33 +0000 Received: from localhost (mark@localhost) by m0.truegem.net (8.12.11/8.12.11) with ESMTP id tAC9MVZ1042192 for ; Thu, 12 Nov 2015 01:22:31 -0800 (PST) (envelope-from mark@maxrnd.com) Date: Thu, 12 Nov 2015 09:22:00 -0000 From: Mark Geisert To: cygwin-apps@cygwin.com Subject: Re: Still unable to 'git push' or ssh to sourceware -- resolved In-Reply-To: <20151110092122.GA7017@calimero.vinschen.de> Message-ID: References: <20151110092122.GA7017@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-IsSubscribed: yes X-SW-Source: 2015-11/txt/msg00038.txt.bz2 On Tue, 10 Nov 2015, Corinna Vinschen wrote: > You're missing something important. The key you sent to sware and the > other key you sent to the cygwin-apps list are both the public part of > your keys. This public part of a key *never* requires a passphrase. > After all it's supposed to be readable by everyone, right? > > If ssh asks for a passphrase, it's your local, *private* key which is > encrypted using this passphrase. Therefore this has nothing to do with > ssh on the remote machine. It can't require passphrases since, > obviously, it doesn't know your private key. The private key never > leaves your local machine. So this asking for a passphrase is a local > problem on your machine which you would have to fix locally. > > Btw., I never saw the problem that a local key without passphrase results > in ssh asking for a passphrase. The difference in the keyfile (encrypted > vs. non-encrypted) is obvious to ssh: > > $ head -2 .ssh/my_key > -----BEGIN RSA PRIVATE KEY----- > Proc-Type: 4,ENCRYPTED Many thanks for this correction to my broken mental model of passphrases vs passwords. Between these nuggets-o-knowledge and a fix to my ~/.ssh/config (i.e. IdentityFile *must* refer to a private key file) I was able to 'git push' my cygutils updates to sourceware with my original key. I am now debugging a revised cygutils.cygport and figuring out where I can host the updated tar.xz packages for review. I've got a place in mind. Thanks again, ..mark