X-Git-Url: https://git.madduck.net/etc/offlineimap.git/blobdiff_plain/03eefc3f0985ba8f108b3ec906c712999a9f7848..7218ce240e6f46b8a9d66d6ec582ed93c8cbdf4f:/.offlineimap/preauthtunnel.sh?ds=sidebyside diff --git a/.offlineimap/preauthtunnel.sh b/.offlineimap/preauthtunnel.sh index 778cf0d..b341fc3 100755 --- a/.offlineimap/preauthtunnel.sh +++ b/.offlineimap/preauthtunnel.sh @@ -1,14 +1,19 @@ #!/bin/sh -exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} +# Ensure we don't use an existing SSH agent +unset SSH_AUTH_SOCK -# this relies on the IMAP command being specified on the server side, i.e. in +exec ssh -F ~/.offlineimap/ssh_config -i ~/.offlineimap/${1}.ssh-seckey ${1} \ + echo -e "Please configure \~/.ssh/authorized_keys on the server and prepend the line with the public key corresponding to the password-less SSH key in ~/.offlineimap/${1}.ssh-seckey :\\\n\\\n 'command=\"MAIL=\$HOME/.maildir /usr/lib/dovecot/imap 2>/dev/null\",no-agent-forwarding,no-X11-forwarding,no-port-forwarding,no-pty'" + +# This relies on the IMAP command being specified on the server side, i.e. in # ~/.ssh/authorized_keys, put a line like the following # # command="MAIL=$HOME/.maildir /usr/lib/dovecot/imap 2>/dev/null",no-agent-forwarding,no-X11-forwarding,no-port-forwarding,no-pty ssh-ed25519 AAA… # -# Then, when you invoke this script directly, you should see the IMAP server -# greet you: +# When a command is specified like this, it overrides the instructions being +# passed in the command above. So, when you invoke this script directly, you +# should see the IMAP server greet you: # # % ~/.offlineimap/preauthtunnel.sh madduck-net.imap.madduck.net # * PREAUTH [CAPABILITY IMAP4rev1 […]] Logged in as madduck