Paths

Table of Contentst

Differential D18907

When administrators revoke SSH keys, don't include a "security warning" in the mail
ClosedPublic
Actions

Authored by epriestley on Jan 22 2018, 1:59 AM.

Tags

None

Referenced Files

	F14758631: D18907.id45368.diff
	Wed, Jan 22, 8:33 AM

	F14756815: D18907.id45323.diff
	Tue, Jan 21, 8:34 PM

	Unknown Object (File)
	Tue, Jan 21, 12:44 PM

	Unknown Object (File)
	Tue, Jan 21, 11:07 AM

	Unknown Object (File)
	Sat, Dec 28, 12:25 PM

	Unknown Object (File)
	Tue, Dec 24, 3:47 AM

	Unknown Object (File)
	Dec 16 2024, 5:44 PM

	Unknown Object (File)
	Dec 6 2024, 12:53 AM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T13043: Improve authentication revocation behaviors

Commits

rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the…

Summary

Depends on D18906. Ref T13043. When SSH keys are edited, we normally include a warning that if you don't recognize the activity you might have problems in the mail body.

Currently, this warning is also shown for revocations with bin/auth revoke --type ssh. However, these revocations are safe (revocations are generally not dangerous anyway) and almost certainly legitimate and administrative, so don't warn users about them.

Test Plan

Created and revoked a key.
Creation mail still had warning; revocation mail no longer did.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley created this revision.Jan 22 2018, 1:59 AM

epriestley edited the summary of this revision. (Show Details)Jan 22 2018, 2:00 AM

epriestley added a task: T13043: Improve authentication revocation behaviors.

Harbormaster completed remote builds in B19110: Diff 45323.Jan 22 2018, 2:00 AM

epriestley requested review of this revision.Jan 22 2018, 2:00 AM

epriestley added a child revision: D18908: Mark all existing password hashes as "legacy" and start upgrading digest formats.Jan 22 2018, 2:16 AM

amckinley accepted this revision.Jan 23 2018, 7:51 PM

This revision is now accepted and ready to land.Jan 23 2018, 7:51 PM

Closed by commit rP13ef5c6f2314: When administrators revoke SSH keys, don't include a "security warning" in the… (authored by epriestley). · Explain WhyJan 23 2018, 10:00 PM

This revision was automatically updated to reflect the committed changes.

epriestley mentioned this in T13043: Improve authentication revocation behaviors.Jan 23 2018, 11:43 PM

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

editor/

PhabricatorAuthSSHKeyEditor.php

36 lines

revoker/

PhabricatorAuthSSHRevoker.php

1 line

Diff 45368

src/applications/auth/editor/PhabricatorAuthSSHKeyEditor.php

Loading...

src/applications/auth/revoker/PhabricatorAuthSSHRevoker.php

Loading...