* Default ssh command
@ 2021-07-07 1:35 Aaron Hall
2021-07-07 1:48 ` Junio C Hamano
0 siblings, 1 reply; 5+ messages in thread
From: Aaron Hall @ 2021-07-07 1:35 UTC (permalink / raw)
To: git
I was trying to push some binary files (PNGs) over ssh and found some
files inexplicably wouldn't successfully push.
I set, in my .gitconfig file:
[core]
sshCommand = ssh -e none
And it works now for all files (that I can tell).
From a close examination of the output where I noted escape codes
showing up, I believe the problem to be ssh escape codes.
`\n~.` for example closes the ssh client.
Therefore I think the default ssh command should be `ssh -e none`
instead of `ssh` for the benefit of users who won't recognize the
problem, unless `git` is expected to make use of ssh escape codes.
I'm new to the mailing list, sorry if I missed some protocol here.
Thank you so much for working on `git` and making your work
available to the rest of the world. Cheers!
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: Default ssh command 2021-07-07 1:35 Default ssh command Aaron Hall @ 2021-07-07 1:48 ` Junio C Hamano [not found] ` <CADrEZfGHAi=Lr6QMsJbXGy1Rs9VDzTVxQPNH4xHHj6ataEAvVA@mail.gmail.com> 0 siblings, 1 reply; 5+ messages in thread From: Junio C Hamano @ 2021-07-07 1:48 UTC (permalink / raw) To: Aaron Hall; +Cc: git Aaron Hall <aaronchallmba@gmail.com> writes: > I was trying to push some binary files (PNGs) over ssh and found some > files inexplicably wouldn't successfully push. > > I set, in my .gitconfig file: > > [core] > sshCommand = ssh -e none > > And it works now for all files (that I can tell). > > From a close examination of the output where I noted escape codes > showing up, I believe the problem to be ssh escape codes. > > `\n~.` for example closes the ssh client. > > Therefore I think the default ssh command should be `ssh -e none` > instead of `ssh` for the benefit of users who won't recognize the > problem, unless `git` is expected to make use of ssh escape codes. Curious. When we use ssh to run the receive-pack over the wire while pushing, we do not ask for pty, and because the "-e" option to set the escape character is meaningful only when ssh runs with pty allocated, you shouldn't have to do this, unless you force pty allocation by e.g. passing "-t" yourself. ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <CADrEZfGHAi=Lr6QMsJbXGy1Rs9VDzTVxQPNH4xHHj6ataEAvVA@mail.gmail.com>]
[parent not found: <CADrEZfHJZT47nNZJ8v2T4vOJkMN7ccaai6DKdzFLF8Zoc42hWw@mail.gmail.com>]
* Re: Default ssh command [not found] ` <CADrEZfHJZT47nNZJ8v2T4vOJkMN7ccaai6DKdzFLF8Zoc42hWw@mail.gmail.com> @ 2021-07-07 2:13 ` Aaron Hall 2021-07-07 13:29 ` brian m. carlson 0 siblings, 1 reply; 5+ messages in thread From: Aaron Hall @ 2021-07-07 2:13 UTC (permalink / raw) To: git > When we use ssh to run the receive-pack over the wire while pushing, > we do not ask for pty, and because the "-e" option to set the escape > character is meaningful only when ssh runs with pty allocated, you > shouldn't have to do this, unless you force pty allocation by > e.g. passing "-t" yourself. Then I wonder why I'm getting a pseudoterminal. Note that I'm using git from git bash on Windows in a walled off corporate environment. The ssh manpage says: > If no pseudo-terminal has been allocated, the session is transparent > and can be used to reliably transfer binary data. On most > systems, setting the escape character to ``none'' will also > make the session transparent even if a tty is used. If we want the ssh to be binary transparent regardless (and I think we do) then that makes my suggestion, `ssh -e none`, still perhaps a good one? On Tue, Jul 6, 2021 at 10:03 PM Aaron Hall <aaronchallmba@gmail.com> wrote: > > I'll reply on list. > > On Tue, Jul 6, 2021 at 9:58 PM Aaron Hall <aaronchallmba@gmail.com> wrote: > > > > My context is using git from git bash on Windows in a walled off environment. > > > > On Tue, Jul 6, 2021 at 9:48 PM Junio C Hamano <gitster@pobox.com> wrote: > > > > > > Aaron Hall <aaronchallmba@gmail.com> writes: > > > > > > > I was trying to push some binary files (PNGs) over ssh and found some > > > > files inexplicably wouldn't successfully push. > > > > > > > > I set, in my .gitconfig file: > > > > > > > > [core] > > > > sshCommand = ssh -e none > > > > > > > > And it works now for all files (that I can tell). > > > > > > > > From a close examination of the output where I noted escape codes > > > > showing up, I believe the problem to be ssh escape codes. > > > > > > > > `\n~.` for example closes the ssh client. > > > > > > > > Therefore I think the default ssh command should be `ssh -e none` > > > > instead of `ssh` for the benefit of users who won't recognize the > > > > problem, unless `git` is expected to make use of ssh escape codes. > > > > > > Curious. > > > > > > When we use ssh to run the receive-pack over the wire while pushing, > > > we do not ask for pty, and because the "-e" option to set the escape > > > character is meaningful only when ssh runs with pty allocated, you > > > shouldn't have to do this, unless you force pty allocation by > > > e.g. passing "-t" yourself. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Default ssh command 2021-07-07 2:13 ` Aaron Hall @ 2021-07-07 13:29 ` brian m. carlson 2021-07-08 13:50 ` Aaron Hall 0 siblings, 1 reply; 5+ messages in thread From: brian m. carlson @ 2021-07-07 13:29 UTC (permalink / raw) To: Aaron Hall; +Cc: git [-- Attachment #1: Type: text/plain, Size: 2967 bytes --] On 2021-07-07 at 02:13:34, Aaron Hall wrote: > > When we use ssh to run the receive-pack over the wire while pushing, > > we do not ask for pty, and because the "-e" option to set the escape > > character is meaningful only when ssh runs with pty allocated, you > > shouldn't have to do this, unless you force pty allocation by > > e.g. passing "-t" yourself. > > Then I wonder why I'm getting a pseudoterminal. > > Note that I'm using git from git bash on Windows in a walled off > corporate environment. Do you maybe have RequestTTY set in some SSH configuration file, like ~/.ssh/config? You can also run "ssh -vvv HOSTNAME" to see if there are any config files. For example, if I do "ssh -vvv git@github.com"[0], I see these lines: debug1: Reading configuration data /home/bmc/.ssh/config debug1: /home/bmc/.ssh/config line 44: Applying options for github.com debug1: /home/bmc/.ssh/config line 67: Applying options for * debug3: kex names ok: [sntrup4591761x25519-sha512@tinyssh.org,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256] debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for * That tells me I have some configuration for github.com (and for all hosts) in ~/.ssh/config and some for all hosts in /etc/ssh/ssh_config. It doesn't tell me what they are, but I can look in the files to see. Also, you may wish to run "env | grep '^GIT'" to see if anybody has configured the GIT_SSH or GIT_SSH_COMMAND variables, and check with "git config -l --show-origin" to see if someone has overridden the SSH configuration. > The ssh manpage says: > > > If no pseudo-terminal has been allocated, the session is transparent > > and can be used to reliably transfer binary data. On most > > systems, setting the escape character to ``none'' will also > > make the session transparent even if a tty is used. > > If we want the ssh to be binary transparent regardless > (and I think we do) then that makes my suggestion, > `ssh -e none`, still perhaps a good one? The problem is that on some systems "ssh" is something other than OpenSSH and we will likely break those systems. That doesn't mean we can't do it if it's necessary, but it does mean that if this is a configuration issue, it would be better to fix the configuration if we can rather than potentially break systems needlessly. This problem will also occur for tools like rsync and various other programs which expect the standard behavior for the ssh binary, so making a change here in Git is also not the right place if we can avoid it. [0] Chosen simply because I know it works, it has configuration on my system, and it's publicly accessible. -- brian m. carlson (he/him or they/them) Toronto, Ontario, CA [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 262 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Default ssh command 2021-07-07 13:29 ` brian m. carlson @ 2021-07-08 13:50 ` Aaron Hall 0 siblings, 0 replies; 5+ messages in thread From: Aaron Hall @ 2021-07-08 13:50 UTC (permalink / raw) To: git > Do you maybe have RequestTTY set in some SSH configuration file, like > ~/.ssh/config? You can also run "ssh -vvv HOSTNAME" to see if there are > any config files. That's it! Not sure why I put a wildcard RequestTTY force... I was probably just going through the man page and putting down things that looked like were what I wanted... My urgency on this issue is gone. But unless git expects escape codes, perhaps it still should set them to none. > The problem is that on some systems "ssh" is something other than > OpenSSH and we will likely break those systems. That doesn't mean we > can't do it if it's necessary, but it does mean that if this is a > configuration issue, it would be better to fix the configuration if we > can rather than potentially break systems needlessly. I would expect it would be a compatible change but I don't have time to research it. > This problem will also occur for tools like rsync and various other > programs which expect the standard behavior for the ssh binary, so > making a change here in Git is also not the right place if we can avoid > it. To me, it's weird that an improperly configured tool breaks another tool, and it seems that we could be more robust to that sort of problem without breaking anyone, but as you say we would need to verify we're not breaking anyone. I suggest keeping this open as an issue, but that's up to you all. ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-07-08 13:51 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-07 1:35 Default ssh command Aaron Hall
2021-07-07 1:48 ` Junio C Hamano
[not found] ` <CADrEZfGHAi=Lr6QMsJbXGy1Rs9VDzTVxQPNH4xHHj6ataEAvVA@mail.gmail.com>
[not found] ` <CADrEZfHJZT47nNZJ8v2T4vOJkMN7ccaai6DKdzFLF8Zoc42hWw@mail.gmail.com>
2021-07-07 2:13 ` Aaron Hall
2021-07-07 13:29 ` brian m. carlson
2021-07-08 13:50 ` Aaron Hall
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).