[ANN] SSHPassKey 1.0
[ANN] SSHPassKey 1.0
- Subject: [ANN] SSHPassKey 1.0
- From: Bill Bumgarner <email@hidden>
- Date: Tue, 8 Jan 2002 13:48:06 -0500
I was getting tired of having to (a) deal w/ssh public key authorization,
(b) effectively making my cvs servers trust everyone (in that PBX's SCM
integration requires no password authentication) and (c) not being able to
use PBX's CVS integration with any cvs server that requires a password.
The referenced app is working well for me with several different
repositories (including sourceforge.net). It includes keychain support,
so you only have to type in the password once per *server* (not just
project/workarea). Easy to install-- double click the app and click the
'configure' button.
Lots of details in the README.
Source is available from mosxland.sourceforge.net:
cvs -d
:pserver:email@hidden:/cvsroot/mosxland login
<< no password >>
cvs -d
:pserver:email@hidden:/cvsroot/mosxland -z6 -q
co SSHPassKey
Or you can grab the binary:
http://www.codefab.com/unsupported/SSHPassKey.app.sit
Please let me know if you have any problems. You shouldn't, but testing
wasn't exactly extensive (though it has been working well for others, too)
. The app DOES overwrite the 'PBXExtraPlugInFolders' preference in the
com.apple.ProjectBuilder domain-- it is extremely unlikely that anyone
outside of Apple uses that default. If someone can explain to me how to
make the array form of that default work, the code is all there to make it
preserve any prior value. If you aren't sure whether or not you use that
default, do this prior to configuring the app:
defaults read com.apple.ProjectBuilder PBXExtraPlugInFolders
If it comes back with "(null)", then there is nothing to be overwritten.
Now I'm just tired....
b.bum
---
From the README:
SSHPassKey is a simple application that can be used by ssh to ask for a
password when not running ssh in a unix shell window. SSHPassKey can
optionally store the passwords into the user's keychain. When stored in
the keychain, any subsequent request for that password will be
automatically handled by SSHPassKey.
SSHPassKey includes a Project Builder plugin inside the app wrapper that
can automatically configure Project Builder's CVS module to use SSHPassKey
to for any password requests from ssh. The bundle can be automatically
installed and configured by running SSHPassKey from the finder and
clicking the Configure Project Builder to use SSH Ask Key found at the
bottom of the README window. The button simply writes some defaults into
the com.apple.ProjectBuilder defaults domain; the plugin provides UI for
viewing the defaults. If the SSHPassKey app is moved, simply launch from
the Finder and click the configure button again and the app will update
the defaults to reflect the new location (otherwise, the CVS module's
behavior will revert back to whatever it was prior to the installation of
SSHPassKey).
Simply click the Revert Project Builder to Default CVS Behavior to remove
the four defaults from Project Builder's defaults domain to uninstall the
pluging and disable the use of SSHPassKey. SSHPassKey cannot validate
passwords or detect when a password changes. If a password stored in the
keychain is incorrect or changes, the entry can be deleted using the
Keychain Access application provided with OS X. Passwords are stored in
the keychain by server name. If multiple accounts are used with a single
server, the account can be viewed in Keychain Access by using the Get Info
feature.
If more than one SSHPassKey application is asking for the same password,
the user only needs to type the password in once. Each instance of
SSHPassKey monitors the keychain for changes and automatically rechecks
for password availability any time a password has been added to or
modified within a keychain.
SSHPassKey makes no attempt to hide its app icon on the dock. The dock
icon ensures that the password entry window is always just a click away --
handy when it becomes buried under numerous PB windows.
Using SSHPassKey Universally
By setting a couple of environment variables, SSHPassKey is automatically
used by ssh whenever it needs a password, but is running without
connection to TTY (i.e. running somewhere other than a shell window). This
includes contexts outside of Project Builder (and, due to a bug in the
Finder/Dock, will not always apply to PB anyway). OS X provides a
mechanism for setting environment variables across all applications.
Simply write the file ~/.MacOSX/environment.plist to contain the
environment variables you need to have set. An example:
{
CVS_RSH=ssh;
DISPLAY=localhost;
SSH_ASKPASS="/Applications/SSHPassKey.app/Contents/MacOS/SSHPassKey";
}
This assumes that SSHPassKey is installed in /Applications. The DISPLAY
variable [likely -- it used to] must be set to a value; the actual value
doesn't matter.Normally, it would be set to the X11 display to be used. In
this context, the value is simply used to signal to ssh that a display
device is available. The CVS_RSHsetting simply ensures that cvswill use
sshfor all client/server communications. It willnot affect communication
with local or pserver based repositories.SSH_ASKPASSmust be the absolute
path to the actual binary within the application wrapper.
Unfortunately, the above mechanism is broken for applications that are
launched directly from the Finder or Dock. To launch Project Builder, for
example, such that it picks up the above environment variables, go to a
Terminal window and use the open command to open a project.