FS#63919 - Allow SSH CAs as user keys

Attached to Project: AUR web interface
Opened by Jonne Haß (MrZYX) - Wednesday, 25 September 2019, 17:33 GMT
Task Type Feature Request
Category Backend
Status Unconfirmed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version 4.7.0
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Rather than having to remember what all the places are when rotating one's SSH keys or adding a new device, and rather than copying one SSH key around everywhere, it could be more convenient to just whitelist a SSH CA and have it sign any new keys.

This should be fairly easy to implement by making cert-authority a valid prefix of the SSH key, which is then returned by git-auth. So for example allow to set cert-authority ssh-ed25519 AbTheCAsKeyGoesHere and return it exactly like that for the AuthorizedKeysCommand.
This task depends upon

Loading...