[darcs-users] reimplementing darcs put

Trent W. Buck trentbuck at gmail.com
Tue Jun 8 15:18:32 UTC 2010


Petr Rockai wrote:
> trentbuck at gmail.com (Trent W. Buck) writes:
>> I suppose I could modify it trivially to (untested)
>>
>>     busybox httpd -f -p 12345 -h . &
>>     ssh -R 12345:127.0.0.1:12345 fs darcs get --complete http://127.0.0.1:12345 x
>>     kill $!
>>
>> ...which wouldn't require putting a key or password where the
>> remote host can sniff it.
>
> You should use SSH agent (with forwarding).

-oForwardAgent agent means trusting root on the remote host.  To the
extent possible, I prefer not to.  (When hop through gateways, I use
-oProxyCommand to similar effect.)

> Of course, the HTTP solution is better if you don't mind random
> users of the remote machine being able to get your repository while
> you are connected.

A reasonable point.  I hadn't considered that the repository itself
might be confidential.


More information about the darcs-users mailing list