►
From YouTube: GSoC 2021 Git credentials binding 2021 06 08
Description
Git credentials binding project in Google Summer of Code 2021. Discussion topics included preparing the first pull request, more project documentation, and the ssh private key implementation alternatives
A
A
A
A
A
B
A
Yeah,
so
so
I
guess
to
answer
your
question:
if
you
submit
code
that
has
no
test
cases,
someone
else
will
likely
test
it.
Interactively
give
you
feedback
on
their
interactive
test
results
and
then
tell
you
now
you
need
to
write
automated
tests,
but
the
interactive
testing
is
good,
even
if,
even
if
you
haven't
yet
created
interactive,
if
you,
even
if
you
haven't
created
automated
tests,
yet
interactive
testing
is
still
very
valuable.
A
C
A
C
A
And-
and
that
is
that
is
correct,
so
if
wednesday
7
30
a.m,
india
standard
time
works
for
everybody.
That's
great
for
me
is
that
would
be
that's
the
time
we
did
it
before.
How
is
that
for
you
justin?
Is
that
a
workable
time
for
you,
so
tuesday
opening
7
p.m?
Your
time,
I
think
right
right
now.
What
time
is
it
right
now,
your
time,
it's
eight
p.m.
D
A
C
C
So
yeah
for
previous
juice
of
2020,
we
kept
it
wednesday,
friday,
tuesday,
exactly
remember
but
yeah.
We
used
to
keep
two
sessions,
but
I
think
it's
entirely
dependent
on
the
student.
I
would
say,
if
you
have
enough
questions
that
you
would
like
to
ask
within
a
week,
then
we
can
have
two
sessions.
But
if
you
think
that
one
session
is
enough
for
your
development,
then
you
know
I
am
personally
comfortable
in
session
as
well.
A
B
A
A
A
A
Oh
very
good,
I
know
if
you,
if
you've
got
a
lastpass,
that's
I
I
have
ways
to
do
a
one-time
sharing
through
other
other
things,
so
this
this
will
be
easy
I'll,
just
send
it
to
you
great,
sweet,
okay,
so
anything
else
we
need
to
discuss
today.
So
how
should
you
mention
that
you're
going
to
some?
You
know
what
I
guess.
One
topic
I
had
was:
we
will
need
documentation
included
as
well.
Eventually
have
you
given
any
thought
to
how
to
document
it.
A
Sure
here,
let's
see
so
you
we
want
to
look
at
the
project
proposal
on
the
jenkins
io
site.
Or
is
it?
Are
you
looking
at
it
at
somewhere
else,
jenkins,
iosight,
okay,
great?
So
let's
go
here
and
nope,
not
that
one!
Sorry,
2021
g
sock
sub
project
here
we
are
okay,
good
and
is
that
visible
to
everyone.
A
All
these
have,
these
are
to
be
kept.
Oh
no,
you
can
choose,
you
should
choose,
choose
much
better
if
you've
got
a
better
name
for
them.
You
are
welcome
to
choose
the
better
name.
Absolutely
this
was
just
this
was
just
the
idea
is,
is
what
you're
asking
is.
Do
you
have
to
use
this
name,
and
this
name
kind
of
thing
is
that
what
you're
asking.
A
A
A
B
A
B
D
A
A
D
A
A
And
then
yeah
we
could
do.
We
could
have
the
section
on
deliverables.
Certainly,
we've
identified
right
that
there
is
a
username
password
pull
request
and
a
release
of
the
get
client
plug-in
for
it,
a
passphrase
based
and
a
release,
and
possibly
or
and
hopefully
a
pr
passphrase
protected
private
key
and
a
release.
A
So
this
goes
through
the
those
various
pieces
and
then,
as
you
go
further
down
the
page,
it
will
get
you
into
links
to
steps
that
have
happened
later
on.
So
performance
enhancement
was
a
later
step
there
we
go
evaluation
phase
one
and
that's
that's
coding
phase.
One
basically
isn't
that
what
that
represented
for
us
richard
was
this
was
coding
phase
one.
So
what
we're
starting
now
and
we'll
run
for?
What
is
this?
Do
we
have
four
weeks
in
coding
phase
one
or
six.
C
That
is
how
you're
going
to
explain
your
project
and
that's
a
lot
of
code,
so
I
think
the
best
way
to
represent
it
would
be
first
to
give
a
design
to
give
a
picture
in
any
form
like
the
uml
diagram.
However,
you
want
to
represent
your
class
or
your
implementation
and
then
go
with
explaining
that
implementation.
B
A
D
D
D
A
E
A
A
A
A
B
D
Yeah,
my
my
mac
does
not
have
permissions
to
hold
on
to
zoom,
so
I
could
either
leave
and
come
back
or
oh.
What
does
that
mean?
So
you
I've
made
you
host,
but
you
can't
can't
stay
as
host
or
so
I
can
stay
as
host,
but
I
just
can't
share
my
screen
just
because
my
mac
hasn't
given
zoom
privileges.
Yet
oh
okay,
yeah,
I
see
you
don't
have
to,
but
we.
C
See
it
yeah
so
so.
Last
time
we
were
discussing
on
a
possibility
of
decrypting
the
openssh
private
keys
with
bouncy
hassle
apis
and,
if
you
so
justin
you're,
not
there,
but
basically
what
we
found
was
that
there
were.
There
are
specs
which
bouncy
castle
has
created,
which
kind
of
gave
us
a
hint
this.
C
This
is
a
spec
which
they
created
for
the
open
ssh
for
the
new
format,
so
this
kind
of
gave
us
a
hint
that
there
is
a
possibility,
an
area
where
we
could
bouncy
castle
could
provide
us
the
ability
to
decrypt
those
keys.
So
so
I
was
trying
that
I
was
I
basically
what
I
tried
was
that
I
created
some
test
keys.
I
have
pasted
them
here
as
well,
and
I
have
them
in
my
in
in
another
folder
as
well,
so
they
were
created
with
I.
I
created
three
experiments.
C
C
C
This
bouncy
asset
was
able
to
pass
and
I
I
was
able
to
get
the
private
key
from
the
key
factory
java
private
key
implementation
from
the
spec
that
so
I
could
do
that
with
this
algorithm
if
the
key
was
created
specifically
with
this
algorithm,
but
I
was
facing
an
issue
if
the
user
was
not
mentioning
the
algorithm.
So
let's
say
if
the.
C
If
the
user
creates
a
key
like
this,
then
it
was
not
able
to
pass
it.
I
was
facing
an
issue
with
the
passing
logic
of
open,
ssh,
private
key,
and
I
can
I
tried
to
find
reasons
for
it,
but
I
could
not,
and
so
one
more
thing
I
saw
in
their
own-
I
actually
have
their
I
cloned
their
project
as
well,
so
I
was
for
for
me.
C
I
personally
found
out
that
the
best
way
to
look
how
to
use
it
was
to
look
at
the
tests
they
have
for
for
these
classes,
I'm
trying
to
test
use
actually
so
so
what
I'm
sure
about
is
that
they've
tested
rsa
here?
So
if
you
have
a
rsa
private
key,
this
can
be
read
and
decrypted
using
the
bouncy
castle
apis.
C
If
you
have
a
dsa,
that
also
can
be
done
if
it's
e
c
dsa
that
also
is
covered
here
and
ad25519
is
also
covered
here.
But
all
of
these
keys
are
not
passwords
protected,
because
what
I
found
out
was-
and
let
me
go
to
the
document
as
well-
that
if
any
ssh
key
is,
is,
is
being
passed
phase
protected
by
the
open,
ssh,
the
ssh
key
gen,
then
it
is
encrypted
with
this
format,
with
this
algorithm.
C
So
so
what
I
could
understand
is
that
first,
we
need
to
decrypt
that
and
then
get
the
private
key
and
process
it
with
the
with
the
open,
ssh
utility
that
bouncy
castle
has
provided
so
with
pass
phase
projected
keys.
That
was
what
I
saw
like
I
tried
for
any
algorithm
I
gave
in
the
open
ssh
format.
It
was
not
able
to
pass
pass
it.
So
that
was
the
first
thing
I
found
out
when
with
this,
so
it
was.
C
Yes,
that
is
what
I
saw
with
ed25519
algorithm
and
with
rsa
with
both
of
them.
If
their
past
is
protected.
This
is
what
it
said
when
it
when
it
was
trying
to
decrypt
it.
I
was
debugging
the
code
and
it
was
able
to
get
this
cipher
out
of
the
key
and
it
said,
and
it
does
not
support
the
cipher,
and
I
can
also
show
you
in
their
in
their
implementation
in
their
implementation.
Basically,
this
is
exactly.
C
This
is
the
line
where
they
try
to
get
the
cipher
from
the
private
key,
and
if
you
can
look
here,
they
basically
expect
that
this
there
is
no
cipher.
If
there
is
a
cipher,
then
it
says,
encrypted
keys
are
not
supported,
that's
fun,
yeah,
so
so
with
bouncy
castle.
I
to
be
more
clear,
I
was
not
able
to
pass
any
pass
phase
protected
sshk,
but
I
was
able
to
pass
keys
with
this
format
without
passwords.
C
With
one
issue
that
if
the
algorithm
is
not
mentioned
by
creating
the
ssh
key,
that
that
is
rsa
by
default,
but
but
I
am
not
sure
why
bouncy
asset
was
creating
an
issue.
Maybe
I
was
doing
something
wrong,
I'm
not
sure,
but
there
was
definitely
an
issue.
It
was
not
able
to
pass
it.
It
says
that
it
gives
me
the
same
error.
Encrypted
keys
are
not
supported,
so
I
I
actually
kind
of
yeah.
These
were
the
formats
I
could
pass
with
the
bouncy
castle
apis,
but
then
I
I
if
there
is
no
questions.
C
I
went
ahead
and
I
looked
at
a
different
library,
and
that
was
really
interesting
because
that
was
ssj
and
to
my
understanding,
ssj
is
a
java
implementation
of
ssh
scp
sftp
clients.
So,
with
with
that
library,
I
was
able
to
pass
every
if
it's
a
pathways
protected
key
or
without
a
password.
I
was
able
to
read
them
and
I
was
able
to
generate
a
private
key
out
of
them.
A
C
C
And
if
it's
not
password
protected,
then
you
just
give
the
file
where
your
keys
are,
and
then
you
initialize
it,
and
I
I
could
you
can
basically
provide
both
the
public
and
the
private
key,
and
it
keeps
it
like
that,
and
this
is
essentially
used
to
create
a
ssh
connection.
So
ssj
will
be
used
to
create
a
ssh
client.
Something
like
this,
and
this
ssh
client
will
use
this
file
open,
ssh
key
one
keep
file
to
establish
a
connection
with
the
server,
so
I
was
able
to
get
the
java
private
key.
C
This
is
what
we
want
right.
As
far
as
I
know
my
my
doubts
then,
okay,
I
had
it
out,
then
how
do
we
consume
this?
How
do
we
want
to
use
this
because
I
was
looking
at
git
clients,
implementation
and
the
way
they
creating
a
file
and
they're
using
it.
So
I
was
not
entirely
sure
how
we're
doing
this.
To
my
understanding,
I
thought
that
what
we're
basically
doing
is
that
we're
letting
gate
cli
know
that
ssh
has
the
keys
and
then
they
talk
and
they
establish
the
connection
is
that
how
it
happens?
Mark.
A
C
A
So
there's
the
whoops
you
were,
you
were
right
at
it.
Go
back
up,
okay,
create
the
passphrase
file.
Oh
no
further
up.
So
this
is
this
is
all
right,
so
create
the
ssh
key
file
on
line
2812.
That's
that's!
Okay,
given
here's
the
ssh
private
key
and
it's
being
written
as
an
open,
ssh
private
key
file
to
that
location.
C
A
C
A
C
A
A
So
so,
but
yes,
this
technique
that
you,
I
think,
you've
expressed
it
correctly.
It's
this
is
a
shell
script,
that's
being
written
to
the
disc
and
then
the
name
of
that
shout
the
path
to
that.
Shell
script
is
being
path
passed
as
the
is
it
ssh
ask,
pass
or
ssh
there.
There
is
a
or
get
underscore
there
is
a
specific
environment
variable.
That's
that
is
used
to
inform
command
line.
Git!
D
A
C
C
Okay,
okay,
so
that
means
that
then
we
need
this
private.
We
need
to
destructively
because
I,
as
far
as
I
understand
this,
is
not
decoded,
I
think
we
get
the
encoded.
If
there
has
to
be,
then
we
have
to
see
how
do
we
do
that?
So
I
thought
that
this
is.
This
is
the
first
step
right
that
we
get
the
private
keys
out
of
we'll
be
able
to
read
them,
and
then
we
get
the
private
keys,
but
then
how
do
we?
C
A
C
A
C
A
C
No,
I
I
think,
yeah,
that's
what
I
need
to
understand
so
that
then
that
means
that
if
I'm
able
to
read
this
private
key
okay,
so
if
I'm
able
to
read
the
private
key
with
passwords
in
this
case
then-
and
if
I
be
able
to
get
the
private
key
out
of
it,
then
that
means
that
this
library
is
internally
handling
that
I
haven't
checked.
Actually
how
it's
doing
that,
but
so
so
from
what
I
understand
with
this
library
is
that
we
just
have
to
provide
the
the
private
key.
If
it's
a
password
protected.
C
Then
we
provide
that
password
in
terms
of
a
car
array,
and
it
basically
gives
us
the
private
key
and
the
public
key
out
of
it.
And
essentially
we
want
to
use
that
file
to
establish
a
ssh
connection
with
their
client.
But
I
was
concerned
if
it's
it's
going
to
give
us
the
privacy
or
not-
or
it's
just
going
to
be
considerable
for
the
ssh
client
in
the
ssj
library.
A
And
that
sounds
wonderful.
That
sounds
really
great.
So
so
I
think
what
you're
saying
is
you,
you
think
you've
found
a
way
with
ssh,
to
read:
passphrase
protected
private
keys
and
to
write
back
a
private
key
for
the
same
exact
key
that
is
no
longer
passphrase
protected,
or
at
least
you
think
conceptually
that
should
work.
C
C
A
C
D
C
C
So
my
assumption
was,
if
I'm
able
to
get
the
private
key
out
of
it,
if
it's
able
to
initialize
it
a
password
protected
key
and
it's
giving
giving
me
a
private
key,
because
earlier,
when
I
was
trying
to
use
bouncy
castle
in
this
code,
then
I
was
not
able
to
get
generate
the
private
even
generate
the
private
key.
In
this
case,
we-
and
essentially
this,
is
what
the
key
factory
does.
It
provides
us
with
an
instance
of
a
private
key
with
the
generate
private
method.
C
C
B
D
D
E
A
C
C
Probably
you
would
have
to
write
some
sort
of
a,
I
would
say
utility
which
would
which
would
have
to
understand
the
algorithm,
because
in
this
case,
with
this
api,
the
open,
ssh,
b1
k5,
you
don't
have
to
specify
the
algorithm.
It
is
going
to
detect
that
on
its
own
cell.
If
you,
if
you
see
that
I
have
provided
two
files
here,
I'm
sorry
for
the
message,
but
this
this
one
and
this
one
should
be
one
of
them
is
rsa
and
one
of
them
is
et255.
C
C
The
key
is
using
because,
in
the
case
of
bouncy
castle,
we
we
had
to
worry
about
the
encryption
algorithm
as
well,
because
the
key
factor
would
be
initialized
only
if
we
wanted
to
generate
a
private
key
with
the
key
factory
implementation,
then
we
would
have
to
know
the
algorithm
by
which
the
key
was
encrypted,
and
that
is
how
we
could
generate
the
currency
in
this
case.
That
is
not
the
that's,
not
something
we
have
to
worry
about,
at
least
for
the
supported
formats.
B
C
C
Saying
but
then
yeah
we
definitely
have
to
see
that
this
works
end
to
end,
because
even
if
we
are
able
to
generate
the
private
key,
if
we
are
not
able
to
feed
this
to
what
the
gate
client
is
doing,
then
it
it's
of
new
use
to
us.
That
is
an
experiment.
We
definitely
have
to
be
sure
that
this
is
going
to
work.
C
A
A
Sorry
har
should
I
use
the
wrong
name,
that's
really
embarrassing,
and
that
was
recorded
too.
I
was
just
talking
to
dhiraj
singh
jodha
about
documentation
an
hour
ago.
So
sorry,
our
are
you
still,
okay
with
us,
with
the
concept
that
we
release
username
password
first,
be
sure,
before
switching
focus
to
ssh
keys.