Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.
Launchpad Entry: apt-sftp-support
Packages affected: apt, libcurl
This spec describes how to add support for the sftp protocol to apt.
Launchpad private PPAs consider using ssh/sftp as their authentication mechanism. Apt needs to support it as well then to make private PPAs useful.
The apt transport will be based on libcurl and should share as much code as possible with the libcurl based https transport.
The current libcurl in hardy has support for sftp via libssh2. For license reasons (we do not have a explicit excpection for openssl) we need to build with libcurl-gnutls. The current curl package does not enable sftp for libcurl-gnutls. We need to fix that (should be no problem, because libssl2 links against libgcrypt *not* openssl). Then libssl2 needs to be promoted to main (libcurl is already in main).
Some sftp specifc options need to be added to the transport, especially acquire::sftp::private-keyfile and acquire::sftp::public-keyfile (matching CURLOPT_SSH_PRIVATE_KEYFILE and CURLOPT_SSH_PUBLIC_KEYFILE). The default should be ~/.ssh/id_dsa).
Will launchpad actually use sftp:// for private PPAs?