This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch bugfix/osx in repository x2goclient. commit 07432196883464efabee2e3418fc6dbc432ee4b3 Author: Mihai Moldovan <ionic@ionic.de> Date: Thu Sep 22 04:05:53 2016 +0200 src/onmainwindow.cpp: document createRSAKey () because what it does is completely non-obvious. --- debian/changelog | 2 ++ src/onmainwindow.cpp | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/debian/changelog b/debian/changelog index c17126a..be7d87f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -378,6 +378,8 @@ x2goclient (4.0.5.3-0x2go1) UNRELEASED; urgency=medium - src/pulsemanager.cpp: remove unused variables. - src/unixhelper.cpp: code cleanup. - src/{unixhelper.cpp,x2goclient.cpp}: fix errno usage - save before use. + - src/onmainwindow.cpp: document createRSAKey () because what it does is + completely non-obvious. [ Bernard Cafarelli ] * New upstream version (4.0.5.3): diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 0d273b4..07c8b18 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -8079,6 +8079,33 @@ void ONMainWindow::exportDefaultDirs() QString ONMainWindow::createRSAKey() { + /* + * I spent multiple hours on trying to understand this function + * and directory exporting in general, so I'd better document + * this. + * + * This function first generates a new RSA private-public key + * pair as ~/.x2go/ssh/gen/key.XXXXX{,.pub}. + * + * Then, the SSH daemon's public host key is read and appended + * to the *private* SSH key file after a marker looking like + * this: "----BEGIN RSA IDENTITY----" + * + * Later on, this *private* SSH key file is transferred to the + * remote server, which parses it in the "x2gomountdirs" perl + * script and extracts the public key (used for logging in + * to the client machine) and the public *host* key, used to + * circumvent the "untrusted host" message by SSH by + * explicitly giving the aforementioned public *host* key as + * the only element in a fake "authorized_keys" file. Again, + * this is all happening server-side. + * + * The *public* key part generated here is then taken and + * later added to the "authorized_keys" file on the client + * side, to allow auto-logins via the generated and transferred + * private SSH key. + */ + QDir dr; QString keyPath=homeDir +"/.x2go/ssh/gen"; dr.mkpath ( keyPath ); @@ -8094,6 +8121,9 @@ QString ONMainWindow::createRSAKey() QStringList args; + /* + * Generating new key material here. + */ args<<"-t"<<"rsa"<<"-b"<<"1024"<<"-N"<<""<<"-f"<<keyName<<"-q"; x2goDebug<<"ssh-keygen " + args.join(" "); @@ -8106,6 +8136,9 @@ QString ONMainWindow::createRSAKey() x2goDebug<<"ssh-keygen succeeded."; + /* + * Now taking the *host* pub key here... + */ QFile rsa ( "/etc/ssh/ssh_host_rsa_key.pub" ); #ifdef Q_OS_WIN rsa.setFileName ( -- Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git