GNU bug report logs - #71678
Support git commits signed with ssh keys in guix git authenticate

Previous Next

Package: guix;

Reported by: MSavoritias <email <at> msavoritias.me>

Date: Thu, 20 Jun 2024 14:02:01 UTC

Severity: normal

Done: jgart <jgart <at> dismail.de>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: MSavoritias <email <at> msavoritias.me>
Subject: bug#71678: closed (Re: Support git commits signed with ssh keys
 in guix git authenticate)
Date: Mon, 01 Jul 2024 14:22:03 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#71678: Support git commits signed with ssh keys in guix git authenticate

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 71678 <at> debbugs.gnu.org.

-- 
71678: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=71678
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: jgart <jgart <at> dismail.de>
To: 71678-done <at> debbugs.gnu.org
Cc: MSavoritias <email <at> msavoritias.me>
Subject: Re: Support git commits signed with ssh keys in guix git authenticate
Date: Mon, 01 Jul 2024 09:21:02 -0500

Hi MSavoritias,

Feel free to send a patch when libgit2 gets support so we can discuss
this addition further amongst the Guix community. Additionally, I would
send your idea to the guix-devel mailing list before sending patches to
see what people think there.

I am going to close this issue for now to keep the backlog of open issues down
since this will probably be a while.

-- 
all the best,
jgart


[Message part 3 (message/rfc822, inline)]
From: MSavoritias <email <at> msavoritias.me>
To: bug-guix <at> gnu.org
Subject: Support git commits signed with ssh keys in guix git authenticate
Date: Thu, 20 Jun 2024 17:00:44 +0300

Hey,

I sign all my commits and tags and such in git with SSH keys and I
would like to be able to use `guix git authenticate` to have a secure
channel pull mechanism.

After doing some testing myself and reading the guide here
https://guix.gnu.org/manual/devel/en/html_node/Specifying-Channel-Authorizations.html
it seems Guix doesn't support git commits that have been signed with
SSH keys.

Personally for security reasons mainly I do not use gpnupg and ssh
support has been in git for a while. Namely November 2021.
https://lore.kernel.org/git/xmqq8rxpgwki.fsf <at> gitster.g/

Reading libgit2 issues it seems it is not supported yet
https://github.com/libgit2/libgit2/issues/6397
So lets circle back to this when it actually merges support :D

Regards,
MSavoritias
This bug report was last modified 361 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.