Refactor to use key directly instead of fingerprint

Review Request #2449 — Created April 29, 2023 and submitted

Information

grim/hgkeeper
default

Reviewers

OpenSSH can provide the type and key with "%t %k". So we do not need
to match it with fingerprints.

This simplifies key handling a lot and allows to search for requested
pubkey in later changes.

 
Summary ID Author
Refactor to use key instead of fingerprint directly
OpenSSH can provide the type and key with "%t %k". So we do not need to match it with fingerprints. This simplifies key handling a lot and allows to search for requested pubkey in later changes.
efba9f1580c58402f60342d6cbb088acd2b2bb19 Andre Klitzing
Description From Last Updated

overall this looks good but it totally breaks existing ssh setups and we should avoid that.

grimgrim

some people use rsa4096 keys and that's a lot to output in a log message so it probably makes sense …

grimgrim
aklitzing@gmail.com
aklitzing@gmail.com
grim
  1. 
      
  2. Show all issues

    overall this looks good but it totally breaks existing ssh setups and we should avoid that.

    1. Yeah, I know. But shouldn't be a new release with big "release notes: breaking change!" enough? It is just %f to "%t %k"

    2. Major release should be allowed to break old stuff. Mabye it is time to remove "site hgrc", too?

    3. Well a major release would be a 2.0.0 not a 1.2.0. That said maybe there's enough stuff here for that.. Let me ping some people and think about this a bit. Sorry I know this has been taking a while but I don't want to rush this either. Also this would require the docs to get updated as well.

    4. Derp, I forgot to check again if the docs where updated and they were. Sorry it's late :-/

    5. I did ping a bunch of people and they're okay with this as long as it's a major version bump and documented, which it will be.

  3. ssh/server.go (Diff revision 2)
     
     
    Show all issues

    some people use rsa4096 keys and that's a lot to output in a log message so it probably makes sense to use the finger print here.

  4. 
      
aklitzing@gmail.com
grim
  1. Ship It!
  2. Awesome, thank you so much for the updates and your patience!!

  3. 
      
grim
Review request changed
Status:
Completed