Thread (11 messages) 11 messages, 4 authors, 2023-01-25

Re: [PATCH] ssh signing: better error message when key not in agent

From: Phillip Wood <hidden>
Date: 2023-01-18 11:56:04 

Hi Adam

On 18/01/2023 08:17, Adam Szkoda via GitGitGadget wrote:
From: Adam Szkoda <redacted>

When signing a commit with a SSH key, with the private key missing from
ssh-agent, a confusing error message is produced:

     error: Load key
     "/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpkArSj7":
     invalid format? fatal: failed to write commit object

The temporary file .git_signing_key_tmpkArSj7 created by git contains a
valid *public* key.  The error message comes from `ssh-keygen -Y sign' and
is caused by a fallback mechanism in ssh-keygen whereby it tries to
interpret .git_signing_key_tmpkArSj7 as a *private* key if it can't find in
the agent [1].  A fix is scheduled to be released in OpenSSH 9.1. All that
needs to be done is to pass an additional backward-compatible option -U to
'ssh-keygen -Y sign' call.  With '-U', ssh-keygen always interprets the file
as public key and expects to find the private key in the agent.
The documentation for user.signingKey says

  If gpg.format is set to ssh this can contain the path to either your 
private ssh key or the public key when ssh-agent is used.

If I've understood correctly passing -U will prevent users from setting 
this to a private key.

Best Wishes

Phillip
quoted hunk ↗ jump to hunk
As a result, when the private key is missing from the agent, a more accurate
error message gets produced:

     error: Couldn't find key in agent

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3429

Signed-off-by: Adam Szkoda <redacted>
---
     ssh signing: better error message when key not in agent
     
     When signing a commit with a SSH key, with the private key missing from
     ssh-agent, a confusing error message is produced:
     
     error: Load key "/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpkArSj7": invalid format?
     fatal: failed to write commit object
     
     
     The temporary file .git_signing_key_tmpkArSj7 created by git contains a
     valid public key. The error message comes from `ssh-keygen -Y sign' and
     is caused by a fallback mechanism in ssh-keygen whereby it tries to
     interpret .git_signing_key_tmpkArSj7 as a private key if it can't find
     in the agent [1]. A fix is scheduled to be released in OpenSSH 9.1. All
     that needs to be done is to pass an additional backward-compatible
     option -U to 'ssh-keygen -Y sign' call. With '-U', ssh-keygen always
     interprets the file as public key and expects to find the private key in
     the agent.
     
     As a result, when the private key is missing from the agent, a more
     accurate error message gets produced:
     
     error: Couldn't find key in agent
     
     
     [1] https://bugzilla.mindrot.org/show_bug.cgi?id=3429

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1270%2Fradicle-dev%2Fmaint-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1270/radicle-dev/maint-v1
Pull-Request: https://github.com/git/git/pull/1270

  gpg-interface.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/gpg-interface.c b/gpg-interface.c
index 280f1fa1a58..4a5913ae942 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -1022,6 +1022,7 @@ static int sign_buffer_ssh(struct strbuf *buffer, struct strbuf *signature,
  	strvec_pushl(&signer.args, use_format->program,
  		     "-Y", "sign",
  		     "-n", "git",
+		     "-U",
  		     "-f", ssh_signing_key_file,
  		     buffer_file->filename.buf,
  		     NULL);

base-commit: e54793a95afeea1e10de1e5ad7eab914e7416250
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help