[#382] Show to user whether ssh key in database was written to disk (or still pending)

Description

Summary:

Detailed description

Three issues related to ssh keys:

  1. SSH keys are stored in /var/lib/gforge/chroot/home/users/username/.ssh/authorized_keys. There is a cronjob that writes keys uploaded through the web back to disk.

The cronjob is only executed every x minutes or so. The user has no idea whether the ssh keys were already updated or not. Somehow expose this information to the user. Maybe a warning that "ssh key was not yet updated on disk" or something.

We had a few support requests where the cronjob died and the ssh key was never updated on disk. Having a clear picture whether the key on disk is consistent with mysql would simplify debugging.

This will probably require a new database field that tracks whether the key was updated or not and needs to be written to disk.

  2. Second, the authorized_keys file is updated even if ssh keys were not changed. This causes a lot of traffic if the system is being backed up using rsync (timestamp change). There is no need to update authorized_keys if the key was not changed.

  3. Lastly, it would be nice to show key fingerprints to the user. This can be done by calling ssh-keygen -lf /var/lib/gforge/chroot/home/users/username/.ssh/authorized_keys

General Information
Submitted by: Marcel Baur
Date Submitted: 2012-04-03 16:10
Last Modified by: Nobody
Last Modified: 2017-11-02 20:00
Date Closed: 2012-06-10 18:06
Permalink: https://fusionforge.org/tracker/a_follow.php/382
Internal Fields
Data Type: Feature requests
Assigned to: Franck Villaume (nerville)
State: Closed
Priority: 3
Extra Fields
Resolution: Accepted
Difficulty: Complex
Target release: 5.3
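
The three requests in the description (deployment status per key, no rewrite when nothing changed, fingerprints) can be sketched as follows. This is an added example, not FusionForge code: the function names and sample keys are hypothetical, key lines are assumed to be plain "type base64 [comment]" without options, and the fingerprint uses the SHA256 format current OpenSSH prints for ssh-keygen -lf.

```python
import base64, hashlib, os, tempfile

# Constructed sample keys: the blobs are placeholder bytes, not real public keys.
SAMPLE_KEYS = ["ssh-ed25519 %s user%d@example"
               % (base64.b64encode(b"constructed blob %d" % i).decode(), i)
               for i in (1, 2)]

def fingerprint(key_line):
    """SHA256 fingerprint of a 'type base64 [comment]' line, as ssh-keygen -lf prints it."""
    blob = base64.b64decode(key_line.split()[1])
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def read_keys(path):
    """Key lines currently on disk; a missing file means no keys deployed."""
    try:
        with open(path) as f:
            lines = [line.strip() for line in f]
    except FileNotFoundError:
        return []
    return [l for l in lines if l and not l.startswith("#")]

def deployment_status(db_keys, path):
    """Per database key: 'deployed' if its fingerprint is on disk, else 'pending'."""
    on_disk = {fingerprint(k) for k in read_keys(path)}
    return {fp: "deployed" if fp in on_disk else "pending"
            for fp in map(fingerprint, db_keys)}

def sync_keys(db_keys, path):
    """Write authorized_keys only when its content would change; True if written."""
    wanted = [k.strip() for k in db_keys]
    if read_keys(path) == wanted:
        return False                      # file untouched, mtime preserved for rsync
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")  # created mode 0600
    with os.fdopen(fd, "w") as f:
        f.writelines(k + "\n" for k in wanted)
    os.replace(tmp, path)                 # atomic swap: sshd never sees a partial file
    return True

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "authorized_keys")
    print(deployment_status(SAMPLE_KEYS, path))   # both pending
    print(sync_keys(SAMPLE_KEYS, path), sync_keys(SAMPLE_KEYS, path))
    print(deployment_status(SAMPLE_KEYS, path))   # both deployed
```

Deriving the status from the file on disk, rather than from a flag the cronjob sets, also reports "pending" when the cronjob has died.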
Date: 2012-06-10 18:06
Sender: Franck Villaume

Uploaded date is now available in trunk r15712.

Warning, it needs a complete db migration.

authorized_keys file is now modified only if there are new or to be deleted keys.

Date: 2012-06-10 12:19
Sender: Franck Villaume

svn commit r15705 in trunk implements at least, per key:
- fingerprint
- name
- algorithm
- deployment status

Date: 2012-04-09 08:30
Sender: Franck Villaume

Basically, we need a real rewrite of the way authorized_keys is handled in fusionforge.... currently, all keys are stored in one column ... the way you configure your keys is just ugly. But it currently works.

No attached documents

No related commits.

Field | Old Value | Date | By
status_id | Open | 2012-06-10 18:06 | Franck Villaume
close_date | None | 2012-06-10 18:06 | Franck Villaume
Resolution | None | 2012-06-10 18:06 | Franck Villaume
Target release | trunk | 2012-06-10 12:19 | Franck Villaume
Difficulty | None | 2012-04-09 08:30 | Franck Villaume
Target release | None | 2012-04-09 08:30 | Franck Villaume
assigned_to | none | 2012-04-09 08:30 | Franck Villaume

No relations found.