Add an optional "--sshd-key" argument to "bin/ssh-auth" for reading "%k" from…
24f771c1bc07
Actions

Description

Add an optional "--sshd-key" argument to "bin/ssh-auth" for reading "%k" from modern sshd

Summary: Depends on D20873. Ref T13436. Allow callers to configure "bin/ssh-auth --sshd-key %k" as an "AuthorizedKeysCommand"; if they do, and we recognize the key, emit just that key in the output.

Test Plan:

Used git pull locally, still worked fine.
Instrumented things, saw the public key lookup actually work and emit a single key.
Ran without "--sshd-key", got a full key list as before.

Maniphest Tasks: T13436

Differential Revision: https://secure.phabricator.com/D20874

Details

Provenance

epriestley	Authored on Sep 13 2019, 8:25 AM
themackabu	Pushed on Tue, Mar 25, 8:07 PM

Parents

rP02f85f03bda7: Remove the "ssh-auth-key" script

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (1)

Path

Size

scripts/

ssh/

ssh-auth.php

rP24f771c1bc07

View Options