jj: Jj git fetch not connecting to ssh-agent

Overview

For some reason, ssh operations don’t seem to be connecting to the ssh-agent for me. This is means that my ~/.ssh/config doesn’t get read, so port and key settings never get read:

$ jj git fetch
Error: Unexpected git error when fetching: failed to connect to git.wilsonb.com: Connection refused; class=Os (2)

Sanity checks

Level 1

I am fairly sure my ssh-agent is running and SSH_AUTH_SOCK is setup correctly:

$ ssh-add -L
...
<my key>
...

Level 2

But, just to be sure, I directly checked whether jj is actually trying to connect to ssh-agent

$ strace -fo ~/jj.strace jj git fetch
...
$ grep -F "$SSH_AUTH_SOCK" ~/jj.strace || echo nope
nope

Level 3

But since SSH_AUTH_SOCK was added in 4a1576c, I started to doubt my sanity, so I ran ssh-agent -d, which stays in the foreground and noisily shows when anyone connects. Running something like ssh example.com does cause it to generate connection logs; however, in the same shell as that working ssh command, running jj git fetch errors out, and ssh-agent stays completely silent.

Am I missing something obvious?

Version info

I am running the latest flake on HEAD:

$ nix shell github:martinvonz/jj#jujutsu
$ command -v jj
/nix/store/8i7lzldsqwl35zl04p8x7vlll03zjch4-jujutsu-unstable-86318bf/bin/jj

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 27 (4 by maintainers)

Most upvoted comments

If it’s true, though, then that indicates a bug in libssl2, right?

Correction: libssh2

I suspect it’s a bug of libgit2 (and/or missing feature of libssh2.) As I explained in #389, libgit2 (which uses libssh2 under the hood) has some problem in host key exchange. I guess libgit2 would have a similar shortcoming in authentication process.

+1
yuja on Mar 23, 2023

Hah. You’re completely right. Embedding the port number in the fetch URL did the trick: ssh://git@git.wilsonb.com:24570/~/dyalog-play.git.

I was thinking that ssh-agent passed connection establishment off to openssh somehow, but it turns out that ssh-agent keeps its responsibilities small and only provides auth tokens. Here’s a good overview explanation: https://unix.stackexchange.com/questions/338853/how-to-use-ssh-agent-for-offering-host-specific-keys-from-ssh-config-file-and#answer-590262

It’s pretty annoying that sshlib2 pushes ssh_config parsing off to its users. Anyway, since that’s on our radar already and this issue is unrelated, I’m closing.

+1
xelxebar on Mar 16, 2023

Roger. I’ll try to spin up a Rust dev env and see what I can find.

+1
xelxebar on Mar 16, 2023
Read more comments on GitHub
← jj: FR: Upsert branch (update branch or create if it does not exist)
jj: `jj prev` moves back by two revisions if `@` has no children but is not empty →