Paths

Table of Contentst

Differential D18907

When administrators revoke SSH keys, don't include a "security warning" in the mail
ClosedPublic
Actions

Authored by epriestley on Jan 22 2018, 1:59 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mon, Nov 11, 2:53 PM

	Unknown Object (File)
	Mon, Nov 11, 8:47 AM

	Unknown Object (File)
	Sun, Nov 3, 7:08 PM

	Unknown Object (File)
	Mon, Oct 28, 3:04 AM

	Unknown Object (File)
	Oct 19 2024, 3:03 AM

	Unknown Object (File)
	Oct 14 2024, 11:00 AM

	Unknown Object (File)
	Oct 10 2024, 3:45 PM

	Unknown Object (File)
	Oct 10 2024, 12:24 PM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T13043: Improve authentication revocation behaviors

Commits

rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the…

Summary

Depends on D18906. Ref T13043. When SSH keys are edited, we normally include a warning that if you don't recognize the activity you might have problems in the mail body.

Currently, this warning is also shown for revocations with bin/auth revoke --type ssh. However, these revocations are safe (revocations are generally not dangerous anyway) and almost certainly legitimate and administrative, so don't warn users about them.

Test Plan

Created and revoked a key.
Creation mail still had warning; revocation mail no longer did.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley created this revision.Jan 22 2018, 1:59 AM

epriestley edited the summary of this revision. (Show Details)Jan 22 2018, 2:00 AM

epriestley added a task: T13043: Improve authentication revocation behaviors.

Harbormaster completed remote builds in B19110: Diff 45323.Jan 22 2018, 2:00 AM

epriestley requested review of this revision.Jan 22 2018, 2:00 AM

epriestley added a child revision: D18908: Mark all existing password hashes as "legacy" and start upgrading digest formats.Jan 22 2018, 2:16 AM

amckinley accepted this revision.Jan 23 2018, 7:51 PM

This revision is now accepted and ready to land.Jan 23 2018, 7:51 PM

Closed by commit rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the… (authored by epriestley). · Explain WhyJan 23 2018, 10:00 PM

This revision was automatically updated to reflect the committed changes.

epriestley mentioned this in T13043: Improve authentication revocation behaviors.Jan 23 2018, 11:43 PM

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

editor/

PhabricatorAuthSSHKeyEditor.php

36 lines

revoker/

PhabricatorAuthSSHRevoker.php

1 line

Diff 45368

src/applications/auth/editor/PhabricatorAuthSSHKeyEditor.php

Loading...

src/applications/auth/revoker/PhabricatorAuthSSHRevoker.php

Loading...