►
From YouTube: GSoC 2021 Git credentials binding 2021 06 08
Description
Git credentials binding project in Google Summer of Code 2021. Discussion topics included preparing the first pull request, more project documentation, and the ssh private key implementation alternatives
A
A
A
A
A
B
Yeah,
the
pr
I
will
make
a
pr
buy
today.
I
was
just
working
on
it,
so
I
will
make
it
back
today
and
I
have
should
I
provide
some
test
cases
as
well.
A
Yeah,
so
so
I
guess
to
answer
your
question:
if
you
submit
code
that
has
no
test
cases,
someone
else
will
likely
test
it.
Interactively
give
you
feedback
on
their
interactive
test
results
and
then
tell
you
now
you
need
to
write
automated
tests,
but
the
interactive
testing
is
good,
even
if,
even
if
you
haven't
yet
created
interactive,
if
you,
even
if
you
haven't
created
automated
tests,
yet
interactive
testing
is
still
very
valuable.
B
Okay,
also,
I
just
want
to
I
mean
there
was
like
we
have
to
set
up
the
regular
meeting
meeting
day
or,
and
the
meeting.
A
And
currently,
we've
got
tuesday,
but
we
don't
have
any
other
days
scheduled.
A
C
I
would
have
preferred
eight
to
nine.
If
so,
I
have
to
start
working
by
9
or
9
30,
usually
so,
if,
if
if
it's
negotiable,
then
yeah
it
would
be
great,
but
I
I
can
manage
it.
B
I
mean
we
can
fall
back
to
7
30.
Then.
C
A
C
We
were
doing
this
today
because,
because
we
wanted
you
to
be
in
the
meeting
right,
this
was
today
shifted
from
wednesday
to
tuesday,
so
that
there
was
a
clash.
I
think
in
your
schedule.
A
And-
and
that
is
that
is
correct,
so
if
wednesday
7
30
a.m,
india
standard
time
works
for
everybody.
That's
great
for
me
is
that
would
be
that's
the
time
we
did
it
before.
How
is
that
for
you
justin?
Is
that
a
workable
time
for
you,
so
tuesday
opening
7
p.m?
Your
time,
I
think
right
right
now.
What
time
is
it
right
now,
your
time,
it's
eight
p.m.
D
A
C
C
So
yeah
for
previous
juice
of
2020,
we
kept
it
wednesday,
friday,
tuesday,
exactly
remember
but
yeah.
We
used
to
keep
two
sessions,
but
I
think
it's
entirely
dependent
on
the
student.
I
would
say,
if
you
have
enough
questions
that
you
would
like
to
ask
within
a
week,
then
we
can
have
two
sessions.
But
if
you
think
that
one
session
is
enough
for
your
development,
then
you
know
I
am
personally
comfortable
in
session
as
well.
A
B
A
A
A
A
Oh
very
good,
I
know
if
you,
if
you've
got
a
lastpass,
that's
I
I
have
ways
to
do
a
one-time
sharing
through
other
other
things,
so
this
this
will
be
easy
I'll,
just
send
it
to
you
great,
sweet,
okay,
so
anything
else
we
need
to
discuss
today.
So
how
should
you
mention
that
you're
going
to
some?
You
know
what
I
guess.
One
topic
I
had
was:
we
will
need
documentation
included
as
well.
Eventually
have
you
given
any
thought
to
how
to
document
it.
A
Sure
here,
let's
see
so
you
we
want
to
look
at
the
project
proposal
on
the
jenkins
io
site.
Or
is
it?
Are
you
looking
at
it
at
somewhere
else,
jenkins,
iosight,
okay,
great?
So
let's
go
here
and
nope,
not
that
one!
Sorry,
2021
g
sock
sub
project
here
we
are
okay,
good
and
is
that
visible
to
everyone.
A
All
these
have,
these
are
to
be
kept.
Oh
no,
you
can
choose,
you
should
choose,
choose
much
better
if
you've
got
a
better
name
for
them.
You
are
welcome
to
choose
the
better
name.
Absolutely
this
was
just
this
was
just
the
idea
is,
is
what
you're
asking
is.
Do
you
have
to
use
this
name,
and
this
name
kind
of
thing
is
that
what
you're
asking.
A
B
Okay,
also
the
new
there's
newly
friendly
issues.
I
think
these
this
can
be
removed
now.
A
A
B
A
B
D
And
there's
actually
a
to-do
in
there
for
the
office
hours.
D
A
A
D
A
Here's
here's
an
example:
I'm
going
to
paste
into
the
chat
if,
if
it
helps
you
so,
is
an
example
of
the
final
structure
of
last
year's
page.
A
A
And
then
yeah
we
could
do.
We
could
have
the
section
on
deliverables.
Certainly,
we've
identified
right
that
there
is
a
username
password
pull
request
and
a
release
of
the
get
client
plug-in
for
it,
a
passphrase
based
and
a
release,
and
possibly
or
and
hopefully
a
pr
passphrase
protected
private
key
and
a
release.
A
So
this
goes
through
the
those
various
pieces
and
then,
as
you
go
further
down
the
page,
it
will
get
you
into
links
to
steps
that
have
happened
later
on.
So
performance
enhancement
was
a
later
step
there
we
go
evaluation
phase
one
and
that's
that's
coding
phase.
One
basically
isn't
that
what
that
represented
for
us
richard
was
this
was
coding
phase
one.
So
what
we're
starting
now
and
we'll
run
for?
What
is
this?
Do
we
have
four
weeks
in
coding
phase
one
or
six.
C
C
I
would
say
if
you
don't
have
a
design
document,
if
you
have,
let's
say
the
architecture
or
the
design
for
your
this
class,
the
first
binding
you're
making
having
that
representation
on
the
page
would
be
because
I
think,
personally,
that
people
it's
easier
for
people
to
relate
when
they're
looking
at
a
blog
and
they
see
a
that's
the
first
thing
they
see
when
they're,
because
I
think
in
your
case
you're
going
to
go
you're
going
to
explain
your
implementation.
C
That
is
how
you're
going
to
explain
your
project
and
that's
a
lot
of
code,
so
I
think
the
best
way
to
represent
it
would
be
first
to
give
a
design
to
give
a
picture
in
any
form
like
the
uml
diagram.
However,
you
want
to
represent
your
class
or
your
implementation
and
then
go
with
explaining
that
implementation.
B
A
D
D
A
And
I
will
drop
offline
beginning
wednesday,
so
justin
you
and
rishabh
are
in
the
lead.
D
A
E
C
So
I
had
another
topic
if
this,
if
you're
adding
another
topic
to
the
discussion
list
for
today,
is
related
to
ssh
private
keys
within
without
passphrase,
so
decryption
of
them,
so
yeah.
A
A
A
A
B
D
Yeah,
my
my
mac
does
not
have
permissions
to
hold
on
to
zoom,
so
I
could
either
leave
and
come
back
or
oh.
What
does
that
mean?
So
you
I've
made
you
host,
but
you
can't
can't
stay
as
host
or
so
I
can
stay
as
host,
but
I
just
can't
share
my
screen
just
because
my
mac
hasn't
given
zoom
privileges.
Yet
oh
okay,
yeah,
I
see
you
don't
have
to,
but
we.
C
See
it
yeah
so
so.
Last
time
we
were
discussing
on
a
possibility
of
decrypting
the
openssh
private
keys
with
bouncy
hassle
apis
and,
if
you
so
justin
you're,
not
there,
but
basically
what
we
found
was
that
there
were.
There
are
specs
which
bouncy
castle
has
created,
which
kind
of
gave
us
a
hint
this.
C
This
is
a
spec
which
they
created
for
the
open
ssh
for
the
new
format,
so
this
kind
of
gave
us
a
hint
that
there
is
a
possibility,
an
area
where
we
could
bouncy
castle
could
provide
us
the
ability
to
decrypt
those
keys.
So
so
I
was
trying
that
I
was
I
basically
what
I
tried
was
that
I
created
some
test
keys.
I
have
pasted
them
here
as
well,
and
I
have
them
in
my
in
in
another
folder
as
well,
so
they
were
created
with
I.
I
created
three
experiments.
C
C
With
bouncy
gasoline,
I
was
facing
weird
issues.
First
of
all,
what
I
could
find
out
find
out
was
that
with
ed25519.
So
if
I
have
a
private
key.
C
This
bouncy
asset
was
able
to
pass
and
I
I
was
able
to
get
the
private
key
from
the
key
factory
java
private
key
implementation
from
the
spec
that
so
I
could
do
that
with
this
algorithm
if
the
key
was
created
specifically
with
this
algorithm,
but
I
was
facing
an
issue
if
the
user
was
not
mentioning
the
algorithm.
So
let's
say
if
the.
C
If
the
user
creates
a
key
like
this,
then
it
was
not
able
to
pass
it.
I
was
facing
an
issue
with
the
passing
logic
of
open,
ssh,
private
key,
and
I
can
I
tried
to
find
reasons
for
it,
but
I
could
not,
and
so
one
more
thing
I
saw
in
their
own-
I
actually
have
their
I
cloned
their
project
as
well,
so
I
was
for
for
me.
C
I
personally
found
out
that
the
best
way
to
look
how
to
use
it
was
to
look
at
the
tests
they
have
for
for
these
classes,
I'm
trying
to
test
use
actually
so
so
what
I'm
sure
about
is
that
they've
tested
rsa
here?
So
if
you
have
a
rsa
private
key,
this
can
be
read
and
decrypted
using
the
bouncy
castle
apis.
C
If
you
have
a
dsa,
that
also
can
be
done
if
it's
e
c
dsa
that
also
is
covered
here
and
ad25519
is
also
covered
here.
But
all
of
these
keys
are
not
passwords
protected,
because
what
I
found
out
was-
and
let
me
go
to
the
document
as
well-
that
if
any
ssh
key
is,
is,
is
being
passed
phase
protected
by
the
open,
ssh,
the
ssh
key
gen,
then
it
is
encrypted
with
this
format,
with
this
algorithm.
C
So
so
what
I
could
understand
is
that
first,
we
need
to
decrypt
that
and
then
get
the
private
key
and
process
it
with
the
with
the
open,
ssh
utility
that
bouncy
castle
has
provided
so
with
pass
phase
projected
keys.
That
was
what
I
saw
like
I
tried
for
any
algorithm
I
gave
in
the
open
ssh
format.
It
was
not
able
to
pass
pass
it.
So
that
was
the
first
thing
I
found
out
when
with
this,
so
it
was.
C
Yes,
that
is
what
I
saw
with
ed25519
algorithm
and
with
rsa
with
both
of
them.
If
their
past
is
protected.
This
is
what
it
said
when
it
when
it
was
trying
to
decrypt
it.
I
was
debugging
the
code
and
it
was
able
to
get
this
cipher
out
of
the
key
and
it
said,
and
it
does
not
support
the
cipher,
and
I
can
also
show
you
in
their
in
their
implementation
in
their
implementation.
Basically,
this
is
exactly.
C
This
is
the
line
where
they
try
to
get
the
cipher
from
the
private
key,
and
if
you
can
look
here,
they
basically
expect
that
this
there
is
no
cipher.
If
there
is
a
cipher,
then
it
says,
encrypted
keys
are
not
supported,
that's
fun,
yeah,
so
so
with
bouncy
castle.
I
to
be
more
clear,
I
was
not
able
to
pass
any
pass
phase
protected
sshk,
but
I
was
able
to
pass
keys
with
this
format
without
passwords.
C
With
one
issue
that
if
the
algorithm
is
not
mentioned
by
creating
the
ssh
key,
that
that
is
rsa
by
default,
but
but
I
am
not
sure
why
bouncy
asset
was
creating
an
issue.
Maybe
I
was
doing
something
wrong,
I'm
not
sure,
but
there
was
definitely
an
issue.
It
was
not
able
to
pass
it.
It
says
that
it
gives
me
the
same
error.
Encrypted
keys
are
not
supported,
so
I
I
actually
kind
of
yeah.
These
were
the
formats
I
could
pass
with
the
bouncy
castle
apis,
but
then
I
I
if
there
is
no
questions.
C
I
went
ahead
and
I
looked
at
a
different
library,
and
that
was
really
interesting
because
that
was
ssj
and
to
my
understanding,
ssj
is
a
java
implementation
of
ssh
scp
sftp
clients.
So,
with
with
that
library,
I
was
able
to
pass
every
if
it's
a
pathways
protected
key
or
without
a
password.
I
was
able
to
read
them
and
I
was
able
to
generate
a
private
key
out
of
them.
A
C
So
the
the
thing
I
did
was
that
they
have
this
utility
called
a
open,
ssh
keyboard
file,
and
you
just
need
to
initialize
it
with.
If
it's
a
if
it's
password
protected,
you
need
to
give
the
passphrase
the
password.
C
And
if
it's
not
password
protected,
then
you
just
give
the
file
where
your
keys
are,
and
then
you
initialize
it,
and
I
I
could
you
can
basically
provide
both
the
public
and
the
private
key,
and
it
keeps
it
like
that,
and
this
is
essentially
used
to
create
a
ssh
connection.
So
ssj
will
be
used
to
create
a
ssh
client.
Something
like
this,
and
this
ssh
client
will
use
this
file
open,
ssh
key
one
keep
file
to
establish
a
connection
with
the
server,
so
I
was
able
to
get
the
java
private
key.
C
This
is
what
we
want
right.
As
far
as
I
know
my
my
doubts
then,
okay,
I
had
it
out,
then
how
do
we
consume
this?
How
do
we
want
to
use
this
because
I
was
looking
at
git
clients,
implementation
and
the
way
they
creating
a
file
and
they're
using
it.
So
I
was
not
entirely
sure
how
we're
doing
this.
To
my
understanding,
I
thought
that
what
we're
basically
doing
is
that
we're
letting
gate
cli
know
that
ssh
has
the
keys
and
then
they
talk
and
they
establish
the
connection
is
that
how
it
happens?
Mark.
A
C
A
So
there's
the
whoops
you
were,
you
were
right
at
it.
Go
back
up,
okay,
create
the
passphrase
file.
Oh
no
further
up.
So
this
is
this
is
all
right,
so
create
the
ssh
key
file
on
line
2812.
That's
that's!
Okay,
given
here's
the
ssh
private
key
and
it's
being
written
as
an
open,
ssh
private
key
file
to
that
location.
C
Yeah
I
I
understand
this
this
step
and
then
then
we
have
the
passphrase
file.
If
we
have
that
and
then
in
this
step
I
saw
that
this
is
what
I
was
looking
at.
A
C
A
C
Okay,
so
once
we
do
this,
then
get
cli
will
be
able
to
essentially
talk
to
ssh
and
get
the
that's.
That's
that's
its
responsibility
to
get
the
to
get
to
to
access
the
private
server
whatever
it
is.
A
A
So
so,
but
yes,
this
technique
that
you,
I
think,
you've
expressed
it
correctly.
It's
this
is
a
shell
script,
that's
being
written
to
the
disc
and
then
the
name
of
that
shout
the
path
to
that.
Shell
script
is
being
path
passed
as
the
is
it
ssh
ask,
pass
or
ssh
there.
There
is
a
or
get
underscore
there
is
a
specific
environment
variable.
That's
that
is
used
to
inform
command
line.
Git!
D
A
C
So
then,
my
question
is
that:
can
we
not
use
a
java
implement
a
java
client
for
ssh?
Why
are
why
do
we?
C
Maybe
that's
that's
not
connected
to
to
our
current
issue,
but
then
I
think
it's
eventually
connected
to
our
issue
that
if
we
are
creating
a
java
private
key,
how
are
we,
how
will
we
translate
this
to
the.
C
Okay,
okay,
so
that
means
that
then
we
need
this
private.
We
need
to
destructively
because
I,
as
far
as
I
understand
this,
is
not
decoded,
I
think
we
get
the
encoded.
If
there
has
to
be,
then
we
have
to
see
how
do
we
do
that?
So
I
thought
that
this
is.
This
is
the
first
step
right
that
we
get
the
private
keys
out
of
we'll
be
able
to
read
them,
and
then
we
get
the
private
keys,
but
then
how
do
we?
C
Okay,
so
we
put
a,
we
would
want
the
exact
same
content
to
be
written
in
a
file.
I
think
so,
yes
yeah.
We
don't
have
to
do
the
decryption
and
then
write
that
content
in
the
file.
A
C
A
C
A
C
No,
I
I
think,
yeah,
that's
what
I
need
to
understand
so
that
then
that
means
that
if
I'm
able
to
read
this
private
key
okay,
so
if
I'm
able
to
read
the
private
key
with
passwords
in
this
case
then-
and
if
I
be
able
to
get
the
private
key
out
of
it,
then
that
means
that
this
library
is
internally
handling
that
I
haven't
checked.
Actually
how
it's
doing
that,
but
so
so
from
what
I
understand
with
this
library
is
that
we
just
have
to
provide
the
the
private
key.
If
it's
a
password
protected.
C
Then
we
provide
that
password
in
terms
of
a
car
array,
and
it
basically
gives
us
the
private
key
and
the
public
key
out
of
it.
And
essentially
we
want
to
use
that
file
to
establish
a
ssh
connection
with
their
client.
But
I
was
concerned
if
it's
it's
going
to
give
us
the
privacy
or
not-
or
it's
just
going
to
be
considerable
for
the
ssh
client
in
the
ssj
library.
A
And
that
sounds
wonderful.
That
sounds
really
great.
So
so
I
think
what
you're
saying
is
you,
you
think
you've
found
a
way
with
ssh,
to
read:
passphrase
protected
private
keys
and
to
write
back
a
private
key
for
the
same
exact
key
that
is
no
longer
passphrase
protected,
or
at
least
you
think
conceptually
that
should
work.
C
C
So
so
I
just
need
to
know,
I'm
not
sure
if
I,
so
if
your
key
is
phase
protected
and
would
I
be
able
to
get
the
private
key
out
of
it
if
it
was
not
decrypted
internally
and
then
let's
say
I
would
be
able
to
see
its
encoding
and
the
algorithm
it
has
that's.
You
know
I,
I
think.
A
C
C
I
was
able
to
pass
that
to
this
file
initialization
with
my
with
my
ssh
key
so
and
in
this
case
the
interesting
thing
was
that
I
tried
it
with
the
without
giving
any
algorithm,
then
with
the
rsa
and
then
with
e2519
and
in
their
in
their
documentation
in
ssj's
documentation.
D
So
I
think
you
said
something
interesting
in
the
doc
from
last
week,
because
you
mentioned
that
the
passphrase.
I
think
that
passphrase
is
salt
for
encrypting
with,
like
I
think
in
your
example,
it
was
aes
256,
either
cbc
or
ctr.
D
C
It
does
that's
what
I'm
assuming
is
when
there
it
is
doing
that.
It's
not
just
reading
the.
Let
me
find
if
I
can
find
that
code.
C
But
I
did
not,
actually
you
know,
debug
it
line
by
line
and
understand
what
it
was
trying
to
do.
C
So
my
assumption
was,
if
I'm
able
to
get
the
private
key
out
of
it,
if
it's
able
to
initialize
it
a
password
protected
key
and
it's
giving
giving
me
a
private
key,
because
earlier,
when
I
was
trying
to
use
bouncy
castle
in
this
code,
then
I
was
not
able
to
get
generate
the
private
even
generate
the
private
key.
In
this
case,
we-
and
essentially
this,
is
what
the
key
factory
does.
It
provides
us
with
an
instance
of
a
private
key
with
the
generate
private
method.
C
C
Do
we
have
other
topics
to
discuss
for
this
meeting?
I'm
sorry,
I
think
we
have
taken.
C
D
Yeah,
oh
okay,
yeah
yeah
hershey
did
you
have
any
topics,
other
topics
that
you'd
like
to
discuss,
or
is
this
kind
of
helpful.
B
D
C
Of
four
sets
of
keys,
I
think
an
exhaustive
list
of
whatever
possible
algorithms
and
the
ways
people
can
create
the
openness
with
sms
and
then
use
this
library
to
read
them,
get
their
private
key
and
then
write
them
into
the
file
and
then
try
to
do
what
is
mentioning.
D
E
A
C
C
So
so,
I
guess
are
the
objectives
since
in
the
last
meeting
I
asked
one
what
would
be
the
benefit
of
using
of
doing
this
programmatically
versus
I
mean
with
a
java
and
native
implementation
and
first
of
using
the
launch
command,
and
there
were
clear
benefits
of
using
a
library
within
our
within
the
java
code.
C
Probably
you
would
have
to
write
some
sort
of
a,
I
would
say
utility
which
would
which
would
have
to
understand
the
algorithm,
because
in
this
case,
with
this
api,
the
open,
ssh,
b1
k5,
you
don't
have
to
specify
the
algorithm.
It
is
going
to
detect
that
on
its
own
cell.
If
you,
if
you
see
that
I
have
provided
two
files
here,
I'm
sorry
for
the
message,
but
this
this
one
and
this
one
should
be
one
of
them
is
rsa
and
one
of
them
is
et255.
C
C
The
key
is
using
because,
in
the
case
of
bouncy
castle,
we
we
had
to
worry
about
the
encryption
algorithm
as
well,
because
the
key
factor
would
be
initialized
only
if
we
wanted
to
generate
a
private
key
with
the
key
factory
implementation,
then
we
would
have
to
know
the
algorithm
by
which
the
key
was
encrypted,
and
that
is
how
we
could
generate
the
currency
in
this
case.
That
is
not
the
that's,
not
something
we
have
to
worry
about,
at
least
for
the
supported
formats.
B
Actually,
I
was
saying
that
the
key
factory
like
even
if
we
know
the
algorithm-
I
am
not
sure
if
we
using
that
form,
I
mean
using
the
bouncy
castle-
jenkins
plugin.
Even
if
we
know
the
algorithm,
we
are
like
sure
that
it
will
be
decode.
It
will
be
able
to.
C
C
Saying
but
then
yeah
we
definitely
have
to
see
that
this
works
end
to
end,
because
even
if
we
are
able
to
generate
the
private
key,
if
we
are
not
able
to
feed
this
to
what
the
gate
client
is
doing,
then
it
it's
of
new
use
to
us.
That
is
an
experiment.
We
definitely
have
to
be
sure
that
this
is
going
to
work.
C
So
yeah
that
would
be
I.
I
am
not
sure
if
you
would
have
the
time
to
do
it
because
you
already
have
to,
and
you
have
to
work
on
or
maybe
so
so
currently
with
our
schedule.
How
are
we
planning
to
do
the?
When
are
we
planning
to
do
the
ssh
means
by
name?
Are
we
are
we
thinking
that
we
first
oh
we're.
A
A
Sorry
har
should
I
use
the
wrong
name,
that's
really
embarrassing,
and
that
was
recorded
too.
I
was
just
talking
to
dhiraj
singh
jodha
about
documentation
an
hour
ago.
So
sorry,
our
are
you
still,
okay
with
us,
with
the
concept
that
we
release
username
password
first,
be
sure,
before
switching
focus
to
ssh
keys.
C
Yes,
okay,
then
I
think
you
don't
need
to
worry
about
this.
A
B
C
E
D
I
guess
administrative
question
for
you
mark
regardless
regarding
dependencies.
I
think
this
looks
like
if
we
were
to
want
to
use
ssh
as
a
dependency
like
it's
apache2o.
D
A
D
Yeah-
and
I
could
I
guess
I
can
do
this
async
too,
but
are
you
scheduling,
I
think,
you're
scheduling
through
google
me
and
then
just
attaching
a
link
to
this?
That
way
right.
Are
you
scheduling
through
zoom,.
A
D
A
No
sorry,
google
calendar
is
what
I
meant
so,
oh
yeah,
so
so
I
I'll
I'll
point
you
to
the
meeting
that
I
s
I
defined
that's
currently
defined
each
week
on
a
tuesday
and
all
you'll
need
to
do
is
redefine
it
to
wednesday
yeah.
You
can
just
make
the.