Paths

Table of Contentst

Differential D18907

When administrators revoke SSH keys, don't include a "security warning" in the mail
ClosedPublic
Actions

Authored by epriestley on Jan 22 2018, 1:59 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, May 3, 2:26 AM

	Unknown Object (File)
	Thu, May 2, 1:23 PM

	Unknown Object (File)
	Wed, May 1, 6:06 PM

	Unknown Object (File)
	Mon, Apr 29, 1:56 PM

	Unknown Object (File)
	Wed, Apr 24, 10:02 PM

	Unknown Object (File)
	Sun, Apr 21, 4:07 PM

	Unknown Object (File)
	Fri, Apr 19, 7:07 PM

	Unknown Object (File)
	Fri, Apr 19, 1:10 PM

View All 91 Files

Subscribers

None

Details

Reviewers

Maniphest Tasks

T13043: Improve authentication revocation behaviors

Commits

rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the…

Summary

Depends on D18906. Ref T13043. When SSH keys are edited, we normally include a warning that if you don't recognize the activity you might have problems in the mail body.

Currently, this warning is also shown for revocations with bin/auth revoke --type ssh. However, these revocations are safe (revocations are generally not dangerous anyway) and almost certainly legitimate and administrative, so don't warn users about them.

Test Plan

Created and revoked a key.
Creation mail still had warning; revocation mail no longer did.

Diff Detail

Repository

Branch

revoke17

Lint

Lint Passed

Unit

Tests Passed

Build Status

Buildable 19110
Build 25800: Run Core Tests
Build 25799: arc lint + arc unit

Event Timeline

epriestley created this revision.Jan 22 2018, 1:59 AM

epriestley edited the summary of this revision. (Show Details)Jan 22 2018, 2:00 AM

epriestley added a task: T13043: Improve authentication revocation behaviors.

Harbormaster completed remote builds in B19110: Diff 45323.Jan 22 2018, 2:00 AM

epriestley requested review of this revision.Jan 22 2018, 2:00 AM

epriestley added a child revision: D18908: Mark all existing password hashes as "legacy" and start upgrading digest formats.Jan 22 2018, 2:16 AM

amckinley accepted this revision.Jan 23 2018, 7:51 PM

This revision is now accepted and ready to land.Jan 23 2018, 7:51 PM

Closed by commit rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the… (authored by epriestley). · Explain WhyJan 23 2018, 10:00 PM

This revision was automatically updated to reflect the committed changes.

epriestley mentioned this in T13043: Improve authentication revocation behaviors.Jan 23 2018, 11:43 PM

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

editor/

PhabricatorAuthSSHKeyEditor.php

36 lines

revoker/

PhabricatorAuthSSHRevoker.php

1 line

Diff 45323

src/applications/auth/editor/PhabricatorAuthSSHKeyEditor.php

Loading...

src/applications/auth/revoker/PhabricatorAuthSSHRevoker.php

Loading...