From 3607fd08170223eaba9db5eb118d248fc19ebb89 Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <andrew@engelbrecht.io>
Date: Sun, 24 Oct 2021 22:35:36 -0400
Subject: [PATCH] don't try to fall back to ssh password auth

kaya is meant to be run from a script, and it's not hard to set up ssh
keys. if ssh were to fall back to password authentication, the backup
would hang indefinately. password authentication is also less secure.
---
 kaya | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kaya b/kaya
index c2d4b7d..6d85d3c 100755
--- a/kaya
+++ b/kaya
@@ -137,7 +137,8 @@ start-backup() {
     trap 'rm -f ${log_dump}' EXIT
 
     # make the backup over a forwarded port
-    cat << EOF | ssh -R "${remote_port}:localhost:${local_port}" "${remote_user}@${hostname}" kaya-client \
+    cat << EOF | ssh -o PasswordAuthentication=no -R "${remote_port}:localhost:${local_port}" \
+        "${remote_user}@${hostname}" kaya-client \
         "${remote_port@Q}" "${hostname@Q}" "${backup_options[@]@Q}" \
         | tee "${log_dump}" | { grep -v "KAYA_SUCCESSFUL_BACKUP_MESSAGE" ||:; }
 ${kaya_protocol_version}
-- 
2.25.1