Skip to content

Latest commit

 

History

History
54 lines (43 loc) · 2.73 KB

README.md

File metadata and controls

54 lines (43 loc) · 2.73 KB
Raw

git-id

Portable dumb identity management for Git, the stupid content tracker.

Project status

Totally non-functional. I went on a tangent on implementing a library to interact with ssh_config, wanting to make it beautiful. ssh_config is really, quite ugly.

$ git id init # Include git-id.conf in ~/.ssh/config
$ git id remote add gh github.com
$ git id add gh default ~/.ssh/id_rsa --username jtagcat --email '[email protected]'
$ git id add gh work ~/.ssh/work_sk --username irlname --email '[email protected]' --description 'Evilcorp'

$ git id clone work [email protected]:evilcorp/private_repo.git # clone using id:work
$ cd private_repo
$ git id default # switch from id:work to id:default
$ git push
ERROR: Permission to evilcorp/private_repo.git denied to jtagcat.

TODO: instructions for zsh/othershell automatic alias "git clone"="git id clone <id>" (can be done with func: case: "$@")

How it works

     PUSH github.com
Git ─────────────────► SSH             ~/.ssh/id_rsa SSH github.com
 jtagcat                │                ▲
 [email protected]        │                │
                        ▼                │
                ~/.ssh/git-id.conf       │
                  MATCH originalhost github.com

    PUSH work.gh.git-id
Git ───────────────────► SSH  ┌──────► ~/.ssh/work_sk SSH github.com
 irlname                  │   │
 [email protected]             │   │
                          ▼
                  ~/.ssh/git-id.conf
                    HOST work.gh.git-id ─► work_sk                                    Created with
                    HOST    *.gh.git-id ─► github.com          https://github.com/lewish/asciiflow

So, git-id is here to implement basic git identity management without dependencies: something simple to use, something that just works when you need to push a commit from your work, other work, or h4ck3r account, to the same remote host.

The reliable™ hijack depends on ssh_config, and 2 git configurations:

  • The domain/host inside the git remote url is changed to a pseudohost (later picked up by ssh_config). This is essentially a coded message to SSH for 'please use this identity'
  • core.sshCommand - this is used to force git (repo) to use a specific ssh_config file(s) (removing the possibility that the default gets picked up)
  • ssh_config matches the pseudohost to a (requested) ssh key, and changes back to the real host.

Besides organizing the hijcak, git-id sets Git user.name and user.email, and keeps a list of identities, their purpose and their usage (for later mass-changes).