Page MenuHomePhabricator

Add an optional "--sshd-key" argument to "bin/ssh-auth" for reading "%k" from modern sshd

Authored by epriestley on Oct 29 2019, 12:49 AM.



Depends on D20873. Ref T13436. Allow callers to configure "bin/ssh-auth --sshd-key %k" as an "AuthorizedKeysCommand"; if they do, and we recognize the key, emit just that key in the output.

Test Plan
  • Used git pull locally, still worked fine.
  • Instrumented things, saw the public key lookup actually work and emit a single key.
  • Ran without "--sshd-key", got a full key list as before.

Diff Detail

rP Phabricator
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

epriestley created this revision.Oct 29 2019, 12:49 AM
epriestley requested review of this revision.Oct 29 2019, 12:50 AM
This revision was not accepted when it landed; it landed in state Needs Review.Oct 29 2019, 12:57 AM
This revision was automatically updated to reflect the committed changes.