Re: [Gnu-arch-users] Some issues

[Andrew Suffield]

On Thu, Jun 10, 2004 at 12:40:32AM +0800, Cameron Patrick wrote:
> Matthieu Moy wrote:
> 
> | > A "per-archive umask" would be tla going out of its way to
> | > break umask. If you want some processes to use a different umask, fix
> | > your login scripts to stop assigning one you did not want.
> | 
> | There's  still a  problem with  (s)ftp: As  far as  I know,  you can't
> | change  the  default permissions  on  the  server  unless you  are  an
> | administrator of that server. (or if you patch your client)
> 
> .bashrc or .zshrc set the sftp umask perfectly well for me.
> Unfortunately it's no good if you want to have arch use one umask but
> everything else use another.

You can pass environment variables through, or invoke a different
shell on the server, based on client configuration. Then you just
configure your client with several profiles for the same server, and
write a more intelligent rc script. openssh could provide features to
make this easier, but here's one way:

.ssh/authorized_keys contains two keys, each with
environment="SSH_KEY=key1", varying the value for each key. The shell
rc script conditionalises based on this value.

.ssh/config on the client contains:

Host foo-key1
        Hostname foo
        IdentityFile ~/.ssh/id_rsa-key1

Host foo-key2
        Hostname foo
        IdentityFile ~/.ssh/id_rsa-key2

Now 'sftp foo-key1' and 'sftp foo-key2' cause different code to be
executed in the server shell rc script. The rest should be obvious.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

signature.asc
Description: Digital signature