2

SOLVED, see the last edit

I have a SourceForge repository and I correctly set my SSH key there. It works fine. But when I use TortoiseHG to push my modifications to the repository, I keep getting asked for the password for my PPK (since I protected it).

I tell Mercurial about my PPK like this:

[ui] ssh = tortoiseplink.exe -ssh -i "c:\Users\my_user\SSH\my_user.ppk"

But it keeps pestering me with the password for the PPK. I know about that KeyRing extension for Mercurial but does it work with PPKs?

Then...

There is this Pageant tool with TortoiseHG. Apparently you tell TortoiseHG to use it by specifying -agent, like this:

[ui] ssh = tortoiseplink.exe -ssh -i "c:\Users\my_user\SSH\my_user.ppk" -agent

I added my key in Pageant but when I synchronize with TortoiseHG, it still asks for the passphrase of my PPK, even though I already mentioned that when I added the PPK in Pageant.

And another thing which annoys me is that Pageant "forgets" all keys upon program restart. So it's kinda' useless.

Any way I could use that KeyRing extension to add my PPK in TortoiseHG and keep the password stored somewhere?

If there is no way to solve this, I guess I'll just use a non-protected PPK and that's it...

LATER EDIT:

This is the debug output I get when I try to do a push via the TortoiseHG Sync tool, configured as above.

% hg --repository C:\Projects\MyProject push --debug ssh://echysttas@hg.code.sf.net/p/myproject/code

pushing to ssh://echysttas@hg.code.sf.net/p/myproject/code

running "c:\Program Files\TortoiseHg\TortoisePlink.exe" -agent echysttas@hg.code.sf.net "hg -R p/myproject/code serve --stdio"

sending hello command

sending between command

here I get a password request, which I cancel because I don't want to keep repeating my password

no suitable response from remote hg [command returned code 255 Mon Nov 19 20:43:14 2012]

LATER EDIT 2:

I noticed that some examples use plink.exe instead of TortoisePlink.exe. Well, ok, I tried with plink.exe (directly from the Putty website) as well. This yielded promising results...

sending hello command

sending between command

remote: Passphrase for key "rsa-key-20121118":

remote: Passphrase for key "rsa-key-20121118":

But then, it got stuck here.

LATER EDIT 3

Amazingly funny find ::- D.

It got stuck because I was invoking TortoiseHG Sync from non-elevated Explorer but I started Pageant from an elevated Total Commander. I'm using UAC on my Windows 7 and that caused the problem.

If Pageant is run from admin-rights Total Commander, then the TrtoiseHG Sync must also be launched from there! If done so, it works! It also works if I start Pageant from non-elevated Explorer and I also do the Sync from there.

Done!

Lazy Badger I'm still awarding the answer to you because you were anything BUT lazy and you proved interest & helped me a lot. Although "it works on my machine" isn't really the answer, it sure got me thinking and your many words & descriptions are worth that glorious green checkmark, eh? :D.

Axonn
  • 10,076
  • 6
  • 31
  • 43
  • Password request, according to SF docs means "You haven't SSH keys in profile" – Lazy Badger Nov 19 '12 at 21:11
  • Nah, password request also occurs if you try to commit without using plink. Then, you can do it with your usual SF password. – Axonn Nov 20 '12 at 21:06

1 Answers1

2

Well, I can work with pageant without being asked about password more one once

my ssh line

ssh = "c:\Program Files\_Tools\TortoiseHg\TortoisePlink.exe"

and running Pageant (with loaded private key /PuTTY-User-Key-File/) will give me ability to communicate with repo without re-authentication

Note 1: Keyring doesn't help in your case at all, debug pageant functionality with pure-ssh connection (ssh or plink)

Note 2: To start Pageant with key (only password needed) you can use extended command-line

Pageant can automatically load one or more private keys when it starts up, if you provide them on the Pageant command line. Your command line might then look like:

C:\PuTTY\pageant.exe d:\main.ppk d:\secondary.ppk

If the keys are stored encrypted, Pageant will request the passphrases on startup.

If Pageant is already running, this syntax loads keys into the existing Pageant.

Add-on

Tried push with my current ssh-settings for TortoiseHG 2.6 (XP SP3 x86), Mercurial repo

c:\TEMP\Fiver>hg push sf
pushing to ssh://bigbadger@hg.code.sf.net/u/bigbadger/code
searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 7 changesets with 39 changes to 19 files
remote: <Repository /hg/u/bigbadger/code> refresh queued.

Local repo hgrc

[paths]
...
sf = ssh://bigbadger@hg.code.sf.net/u/bigbadger/code

Private key loaded into Pageant, public key registered on SF, in my profile

Mercurial.ini (relevant part)

[ui]
merge = <irrelevant>
username = <irrelevant>
ssh = "c:\Program Files\_Tools\TortoiseHg\TortoisePlink.exe"

(note none of additional arguments for TortoisePlink)

and nothing more special was done

Screenshot of pure THG push with log output

Push

Log of good plink+pageant session for SF-SSH

>Plink.exe -v -agent bigbadger@hg.code.sf.net
Looking up host "hg.code.sf.net"
Connecting to 216.34.181.156 port 22
Server version: SSH-2.0-OpenSSH_5.3
Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Release_0.62
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 86:7b:1b:12:85:35:8a:b7:98:b6:d2:97:5e:96:58:1d
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Pageant is running. Requesting keys.
Pageant has 1 SSH-2 keys
Using username "bigbadger".
Trying Pageant key #0
Authenticating with public key "github/lazybadger" from agent
Sending Pageant's response
Access granted
Opened channel for session
Allocated pty (ospeed 38400bps, ispeed 38400bps)
Started a shell/command
Last login: Tue Nov 20 03:20:48 2012 from 85.249.33.17
Server sent command exit status 1
Disconnected: All channels closed

Welcome to hg.sourceforge.net
This is a restricted Shell Account
You cannot execute anything here.
Community
  • 1
  • 1
Lazy Badger
  • 94,711
  • 9
  • 78
  • 110
  • TortoisePlink works for me as well. As in, I don't get a request from SourceForge for my password, but I do get a request to enter the private key passphrase. So it appears that Pageant just doesn't work. It seems like it's not actually connected to TortoiseHG. – Axonn Nov 18 '12 at 23:25
  • @Axonn - Try to `push --debug` from CLI in order to see more details: I can push (have to repeat) to git+ssh:// from THG+Pageant – Lazy Badger Nov 19 '12 at 00:14
  • This is what the debug returns. It's weird that it sends that echysttas@hg.code.sf to the agent. echysttas is my SF user. Maybe that's ok. Here comes the debug data: ssh://echysttas@hg.code.sf.net/p/magebook/code running "c:\Program Files\TortoiseHg\TortoisePlink.exe" -agent echysttas@hg.code.sf.net "hg -R p/magebook/code serve --stdio" sending hello command sending between command no suitable response from remote hg – Axonn Nov 19 '12 at 17:58
  • @Axonn - please, **full** real output - you may add it into question – Lazy Badger Nov 19 '12 at 18:48
  • That's almost all the output. It's obtained from the TortoiseHG Sync tool (Windows 7 x64). I added the output full to the question. – Axonn Nov 19 '12 at 19:42
  • @Axonn - check https://sourceforge.net/account/services, "Number of SSH Shared Keys (Public Keys)" and using correct private key (private key is pair for loaded public key) – Lazy Badger Nov 19 '12 at 21:14
  • Yes, it works and it's correct. If I enter the passphrase for the private key, then the commit works. I discovered one more thing in the meantime, which I added as 2nd later edit to my question. – Axonn Nov 19 '12 at 21:42