rtyley / agit

Agit - Git client for Android
https://play.google.com/store/apps/details?id=com.madgag.agit
GNU General Public License v3.0

Add ConnectBot as a library to agit #105

Open jwir3 opened 10 years ago

jwir3 commented 10 years ago

In the wiki, it mentions that ConnectBot can be used to store keys for git over SSH. Unfortunately, this requires that ConnectBot be installed prior to agit. I suspect there is rationale for not including an implementation of ConnectBot with agit, but it would be nice if a bare bones implementation were included so users can skip this step.

Alternatively, if agit didn't detect a usable SSH client on first run, it would be nice if it remembered this and re-searched for it on subsequent runs. Or, even pointed to the Google Play page for ConnectBot. This would save users from having to do the uninstall agit-install ConnectBot-reinstall agit dance.

kousu commented 9 years ago

Rechecking for ConnectBot is impossible. As that wiki page mentions, the 'permission' "org.openintents.ssh.permission.ACCESS_SSH_AGENT" needs to be installed with the device when agit is installed because a big part of Android's security mechanism is that permissions are given to apps before they ever get to run themselves. ACCESS_SSH_AGENT doesn't exist natively in Android--it is added by (Ryan's patch to) ConnectBot. I assume agit doesn't actually know that it's talking to ConnectBot---all it knows is that something is responding to ACCESS_SSH_AGENT.

agit does include an ssh library, for it can use ssh with passwords. It's just that the ssh-agent function is handled by ConnectBot (and it is all the safer for it). Including ssh-agent functionality in agit would mean a) writing and vetting security code b) writing a new UI to support it. All that is prone to bugs.

jwir3 commented 9 years ago

@kousu Wouldn't it be possible to include a pre-built version of ConnectBot that ships with agit, so agit can use it out of the box? Then, the permission ACCESS_SSH_AGENT could be added to agit itself, so that users didn't have to install an alternative ssh client.

I understand the security concerns that disallow agit from redetecting an SSH client after first run.
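The install-order constraint kousu describes can at least be diagnosed at runtime, even though the app cannot grant itself the permission. The following is an added example, not code from agit or ConnectBot: the class and method names are hypothetical, only the permission string comes from the thread, and it assumes the install-time permission model discussed above.

```java
import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;

/** Hypothetical helper (not part of agit): reports why the SSH agent is unusable. */
public final class SshAgentPermissionCheck {
    // Permission name as quoted in the thread.
    public static final String ACCESS_SSH_AGENT =
            "org.openintents.ssh.permission.ACCESS_SSH_AGENT";

    public enum State {
        NOT_DEFINED,          // no installed package declares the permission
        DEFINED_NOT_GRANTED,  // declared, but this app was installed before the definer
        GRANTED               // this app holds the permission
    }

    private SshAgentPermissionCheck() {}

    /** Classifies the current state; it cannot change it, only a reinstall can. */
    public static State check(Context context) {
        PackageManager pm = context.getPackageManager();
        try {
            // Throws if nothing on the device declares the permission.
            pm.getPermissionInfo(ACCESS_SSH_AGENT, 0);
        } catch (PackageManager.NameNotFoundException e) {
            return State.NOT_DEFINED;
        }
        int result = pm.checkPermission(ACCESS_SSH_AGENT, context.getPackageName());
        return result == PackageManager.PERMISSION_GRANTED
                ? State.GRANTED
                : State.DEFINED_NOT_GRANTED;
    }

    /**
     * Returns the package that declares the permission, or null if none does.
     * The permission name alone does not identify who answers agent requests,
     * so a caller can compare this against the package it expects.
     */
    public static String definingPackage(Context context) {
        try {
            PermissionInfo info =
                    context.getPackageManager().getPermissionInfo(ACCESS_SSH_AGENT, 0);
            return info.packageName;
        } catch (PackageManager.NameNotFoundException e) {
            return null;
        }
    }
}
```

`NOT_DEFINED` is the case where a pointer to the ConnectBot store page would help, while `DEFINED_NOT_GRANTED` is the case that needs a reinstall.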