开发者

Emacs / CVS / OpenSSH: preventing password popup

开发者 https://www.devze.com 2023-01-06 22:14 出处:网络
I\'m using GNU Emacs on my Ubuntu netbook in fullscreen mode. When I edit files that are under version control and hit C-x v v to commit the latest changes, an OpenSSH popup window will open and ask m

I'm using GNU Emacs on my Ubuntu netbook in fullscreen mode. When I edit files that are under version control and hit C-x v v to commit the latest changes, an OpenSSH popup window will open and ask me for my password for the server on which my repository lives.

Unfortunately, because of the fullscreen mode, the popup window will not come up front and I cannot enter my password. But it's still somehow modal, so I also can't go back to emacs and, say, leave fullscreen mode either (or do anything else, like C-g). I'm basically trapped.

As an emacs user, I find the idea of popup windows disgusting anyway ;-) so ideally,开发者_如何学Python I'd like to be asked for the ssh password in the minibuffer. How can I tweak my setup to make that happen? (I prefer to type in my password every time instead of storing a keypair in ~/.ssh/).


You could use ssh-agent before launching emacs (or in another shell).


I'm speculating here, as I neither use CVS or vc within Emacs, however I presume that Emacs is shelling out to the appropriate program to perform the commit, and the password prompt is something entirely external to Emacs. So I suspect what you want to do is firstly find out which options are needed to do a GUI-less commit from your shell without Emacs, and then modify vc-checkin-switches (or define vc-cvs-checkin-switches) in Emacs to match (see defun vc-switches).


It's probably the ssh-askpass program kicking in, which I think looks at the DISPLAY environment variable to decide how to request the password. If set, it pops up a graphical window, and if not, it asks the TTY.

If the vcs subsystem detects when passwords are requested from the user (which is likely), then it's possible that you can unset $DISPLAY for subprocesses:

(setenv "DISPLAY" nil)

This might have other negative side-effects, though, so also check out "man ssh-askpass" in case something there might help.

(Disclaimer: I personally use a solution based on ssh-agent, which I strongly recommend.)


You can get ssh to multiplex all new connections to a server through existing connections. This means that as long as you have opened an ssh connection (say in a shell) new ones to the same remote host will not ask for a password. I use

Host *
    ControlPath ~/.ssh/master-%r@%h:%p
    ControlMaster auto
    ServerAliveInterval 30

in ~/.ssh/config to set this up.


While researching my main answer (above), I came across psvn for emacs. See this SO question/answer for more details: SVN for Emacs: how do you set author name and save password?

I thought you might also appreciate knowing about psvn, but I think the one about setting the PreferredAuthentications value on SSH is more directly applicable to the question you originally asked.


Try setting this in your environment somehow:

export CVS_RSH='ssh -o PreferredAuthentications="password"'

That should get it to stop attempting publickey authentication, which will also suppress the display of the graphical ssh-askpass. This works by specifying the SSH command that CVS will use for connecting to the remote server. Please note that this will apply to all CVS commands run from the context in which you set the environment variable.

You may also want to look into setting it up in your ~/.ssh/config. You can set options for each host separately. Here's a page that roughly shows how, although for forcing publickey auth. Please note that this will affect all SSH usage for your user account, not just for CVS. That may very well be what you're looking for, since you seem to prefer avoiding publickey auth. Here's an example of the block you'd add in ~/.ssh/config:

Host cvs

  Hostname cvs.your.corp
  User yourCVSusername
  PreferredAuthentications password

Alternately, you could change Host cvs to Host cvs.your.corp if your existing means of accessing this uses a FQDN instead of just a hostname.

Lastly, you could have your ~/.ssh/config file by just this one line (or add it to the top of your existing one):

PreferredAuthentications password

That will make the preference apply to all SSH connections to remote hosts.

Best of luck. I hope this gets you out of the modal dialog trap.

0

精彩评论

暂无评论...
验证码 换一张
取 消