Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

agent: add --key-dir as a flag, and warn if key dir is a symlink. #14

Merged
merged 3 commits into from
Aug 6, 2023
Merged

agent: add --key-dir as a flag, and warn if key dir is a symlink. #14

merged 3 commits into from
Aug 6, 2023

Conversation

andersju
Copy link
Contributor

@andersju andersju commented Aug 2, 2023
edited
Loading

I noticed that ssh-tpm-agent won't load keys if $HOME/.ssh is a symlink (and won't complain either), because filepath.WalkDir doesn't follow symbolic links. Made me scratch my head for a minute :) I really don't know much about Go, but this seems like a simple fix. Thanks for a sweet tool!

Edit - changed to: add --key-dir as a flag, and warn if key dir is a symlink. (See below.)

@Foxboron
Copy link
Owner

Foxboron commented Aug 2, 2023

Symlinks are generally a bit iffy so I need to think a little bit about scenarios here.

Usually you don't want to arbitrary eval these things. Thoughts @stigtsp?

Can run the test suite and probably iterate on it thought, thanks!

@andersju andersju temporarily deployed to Build, sign, release binaries August 2, 2023 21:13 — with GitHub Actions Inactive
@andersju andersju temporarily deployed to Build, sign, release binaries August 2, 2023 21:13 — with GitHub Actions Inactive
@andersju andersju temporarily deployed to Build, sign, release binaries August 2, 2023 21:13 — with GitHub Actions Inactive
@andersju
Copy link
Contributor Author

andersju commented Aug 2, 2023

Yeah, I wasn't sure; maybe just warn if ~/.ssh is not a directory, or if no keys were loaded, and/or make the path configurable (this comment might be better suited for #3 I realize).

@stigtsp
Copy link
Contributor

stigtsp commented Aug 3, 2023

Imho, an argument to the agent specifying a key dir makes more sense, for cases where you want keys to be stored somewhere else.

@Foxboron
Copy link
Owner

Foxboron commented Aug 5, 2023

Yeah, I wasn't sure; maybe just warn if ~/.ssh is not a directory, or if no keys were loaded, and/or make the path configurable (this comment might be better suited for #3 I realize).

Lets implement --key-dir as a flag and rather warn if ~/.ssh is a symlink :)

Would you be interested doing the work? It shouldn't be very hard.

@andersju andersju force-pushed the fix/follow-sshdir-symlink branch from 14a1f24 to ffeafa3 Compare August 5, 2023 22:39
@andersju
Copy link
Contributor Author

andersju commented Aug 5, 2023

Yeah, I wasn't sure; maybe just warn if ~/.ssh is not a directory, or if no keys were loaded, and/or make the path configurable (this comment might be better suited for #3 I realize).

Lets implement --key-dir as a flag and rather warn if ~/.ssh is a symlink :)

Would you be interested doing the work? It shouldn't be very hard.

Sure! See latest commit. I rebased and added --key-dir and a warning. Moved GetSSHDir() to utils (couldn't think of anything better than misc at the moment, and it felt misc-y).

@Foxboron
Copy link
Owner

Foxboron commented Aug 6, 2023

Looks great, thank you!

utils (couldn't think of anything better than misc at the moment, and it felt misc-y).

It could probably just stay inside utils.go frankly. No use having a single file for one function :)

@andersju andersju temporarily deployed to Build, sign, release binaries August 6, 2023 09:09 — with GitHub Actions Inactive
@andersju andersju temporarily deployed to Build, sign, release binaries August 6, 2023 09:09 — with GitHub Actions Inactive
@andersju andersju temporarily deployed to Build, sign, release binaries August 6, 2023 09:09 — with GitHub Actions Inactive
@Foxboron Foxboron changed the title agent: evaluate symlinks in GetSSHDir agent: add --key-dir as a flag, and warn if key dir is a symlink. Aug 6, 2023
@andersju
Copy link
Contributor Author

andersju commented Aug 6, 2023

It could probably just stay inside utils.go frankly. No use having a single file for one function :)

👍 renamed it

@Foxboron
Copy link
Owner

Foxboron commented Aug 6, 2023

Thanks!

@Foxboron Foxboron merged commit 88453f0 into Foxboron:master Aug 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@andersju @Foxboron @stigtsp