February 01, 2011
Mark Wielaard: New GPG key.
Finally created a new GPG key using gnupg. The old one was a DSA/1024 bits one and 8 years old. The new one is a RSA/2048 bits one. I will use the new one in the future to sign any release tarballs I might create. pub 2048R/57816A6A 2011-01-29 Key f...
More »
February 01, 2011
Andrew Hughes: [SECURITY] IcedTea6 1.7.8, 1.8.5, 1.9.5 Released!.
We are pleased to announce a new set of security releases, IcedTea6 1.7.8, IcedTea6 1.8.5 and IcedTea6 1.9.5.
This update contains the following security updates:
The IcedTea project provides a harness to build the source code from OpenJDK6 u...
More »
December/2024
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 | 31 | | | | |
|
|
Using Mercurial over ssh without typing the password
We're using Mercurial. Our release engineering servers run web servers, so we can browse our repositories, just like the public NetBeans ones at http://hg.netbeans.org, and pull down new changesets anonymously. However, for authentication purposes, we also use ssh, so all pushes to the repository has to go through ssh.
$ cat .hg/hgrc
[paths]
default = http://our.server.sun.com/our/repository
default-push = ssh://our.server.sun.com//our/repository
(P.S. Notice how there are 2 slashes in the SSH path and only one in the http path - if you forget about that Bad Stuff(tm) happens.)
This means that whenever I pull (or determine incoming changes via hg incoming) it executes immediately, but whenever I want to push (or determine outgoing changes), I need to supply a password. And let's just say typing my password is not easy, since the password requirements at Sun (and shortly, Oracle) are really strict - no nice, short and simple passwords here!
I've been putting up with it for a year now - after all, it's just a couple of seconds here and a couple of seconds there - but I knew it should be possible to fix this, since back in my hardcore Solaris days I had all this stuff configured correctly via the ssh key agent so that I could ssh from one account to the next. On the other hand, I've googled it (mercurial + ssh) a couple of times, and the information I've found has always been for doing more complicated things (1,2) than the s...
Date: March, 02 2010
Url: http://blogs.sun.com/tor/entry/using_mercurial_over_ssh_without
Others News
|