git-annex/doc/design/assistant/sshpassword.mdwn

Currently the assistant sets up dedicated ssh keys, that can just use
git-annex. This is ok. The problem is that the initial 2 connections to the
ssh server when setting up these keys involve a password prompt, which is
done at the console unless the system happens to have a working ssh agent
that can pop up a dialog. That can be confusing.

It would be nice to have the webapp prompt for the password. Can it be done
securely?

This might come down to a simple change to the webapp to prompt for the
password, and then rather a lot of pain to make the webapp use HTTPS so we
can be pretty sure noone is sniffing the (localhost) connection.
roadmap for next year's work 2013-07-23 22:46:09 +00:00			`Currently the assistant sets up dedicated ssh keys, that can just use`
			`git-annex. This is ok. The problem is that the initial 2 connections to the`
			`ssh server when setting up these keys involve a password prompt, which is`
			`done at the console unless the system happens to have a working ssh agent`
			`that can pop up a dialog. That can be confusing.`

			`It would be nice to have the webapp prompt for the password. Can it be done`
			`securely?`

			`This might come down to a simple change to the webapp to prompt for the`
			`password, and then rather a lot of pain to make the webapp use HTTPS so we`
			`can be pretty sure noone is sniffing the (localhost) connection.`