Page MenuHomePhabricator

Fix an issue where passphrase-protected private keys were stored without discarding passphrases

Authored by epriestley on May 13 2020, 3:05 PM.
Referenced Files
Unknown Object (File)
Fri, Apr 5, 1:19 AM
Unknown Object (File)
Sun, Mar 31, 8:19 AM
Unknown Object (File)
Feb 18 2024, 5:55 PM
Unknown Object (File)
Feb 15 2024, 5:32 AM
Unknown Object (File)
Feb 4 2024, 12:13 AM
Unknown Object (File)
Jan 25 2024, 2:23 AM
Unknown Object (File)
Jan 24 2024, 4:45 PM
Unknown Object (File)
Dec 23 2023, 12:54 PM



Ref T13454. See

After changes to distinguish between invalid and passphrase-protected keys, SSH private key management code incorrectly uses "-y ..." ("print public key") when it means "-p ..." ("modify input file, removing passphrase"). This results in the command having no effect, and Passphrase stores the raw input credential, not the stripped version.

We can't recover the keys because we don't store the passphrase, so no migration here is really possible. (We could add more code to detect this case, but it's presumably rare.)

Also, correct the behavior of the "Show Public Key" action: this is available for users who can see the credential and does not require edit permission.

Test Plan
  • Created a new credential with a passphrase, then showed the public key.

Diff Detail

rP Phabricator
Lint Not Applicable
Tests Not Applicable