bug#64648: Can't clone a git repo over anonymous SSH

Sat, 15 Jul 2023 06:31:22 -0700 

Hi all !

I'm trying to write a package for a repo that's accessible through an
anonymous SSH access.

The repo can be cloned with:
git clone g...@the-dam.org:permaudit
without any issues.

However, when I use the package definition below, I get the following
error:
guix build: error: Git failure while fetching ssh://g...@the-dam.org/permaudit: 
failed to start SSH session: Unable to exchange encryption keys

Some googling leads me to believe this is a mismatch between the
client's accepted ciphers and the server's accepted ciphers, but both
machines are up-to-date guix systems, so I'm not sure it's that.

I don't want to install an HTTP bridge, git is fine via SSH.

If anybody has any idea, I'm all hears.

Thanks !

Edouard.




(define-public permaudit
  (let ((revision "0")
        (commit "1cd9fe303076d7656469dbfc455d63aff70d62ed"))
    (package
      (name "permaudit")
      (version (git-version "20230714" revision commit))
      (source
       (git-checkout
        (url "ssh://g...@the-dam.org/permaudit")
        (commit commit)))
      (build-system gnu-build-system)
      (arguments
       `(#:tests? #f                    ; no tests
         #:phases
         (modify-phases %standard-phases
           (replace 'configure          ; no configure script but taking this
                                        ; opportunity to replace the hard
                                        ; coded path to permaudit.sh
             (lambda* (#:key inputs outputs #:allow-other-keys)
               (let* ((out (assoc-ref outputs "out"))
                      (bin (string-append out "/bin"))
                      (bash (assoc-ref inputs "bash-minimal")))
                 (substitute* "permaudit_wrapper.c"
                   (("/usr/bin/permaudit.sh")
                    (string-append bin "/permaudit.sh"))
                   (("/bin/bash")
                    (string-append bash "/bin/bash")))
                 (substitute* "permaudit.sh"
                   (("/bin/bash")
                    (string-append bash "/bin/bash"))
                   (("find")
                    (string-append find "/bin/find"))))))
           (replace 'install            ; no install target
             (lambda* (#:key outputs #:allow-other-keys)
               (let* ((out (assoc-ref outputs "out"))
                      (bin (string-append out "/bin")))
                 ;; Those chmod won't be respected in the store anyway
                 ;; (the store is read-only, and you can't setuid a binary in 
it)
                 ;; but this is the spirit of upstream's makefile target 
"install"
                 (chmod "permaudit.sh" #o644)
                 (install-file "permaudit.sh" bin)
                 (chmod "permaudit" #o4754)
                 (install-file "permaudit" bin)))))))
      (inputs
       (list bash-minimal coreutils))
      (synopsis "Permission audit tool")
      (home-page "https://the-dam.org/docs/explanations/permaudit.html";)
      (description
       "Permaudit lets you see who can read or write on the specified 
directory.")
      (license license:agpl3+))))

Reply via email to