Issue #5536 - ability to disable server-side SSH key generation...
csalgau -
r3478:6cd9b768 default
Not Reviewed
Show More
Add another comment
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
@@ -631,6 +631,10
631 631 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
632 632 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
633 633
634 ## Enables SSH key generator web interface. Disabling this still allows users
635 ## to add their own keys.
636 ssh.enable_ui_key_generator = true
637
634 638
635 639 ## Dummy marker to add new entries after.
636 640 ## Add any custom entries below. Please don't remove.
@@ -604,6 +604,10
604 604 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
605 605 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
606 606
607 ## Enables SSH key generator web interface. Disabling this still allows users
608 ## to add their own keys.
609 ssh.enable_ui_key_generator = true
610
607 611
608 612 ## Dummy marker to add new entries after.
609 613 ## Add any custom entries below. Please don't remove.
@@ -73,6 +73,10
73 73 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
74 74 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
75 75
76 ## Enables SSH key generator web interface. Disabling this still allows users
77 ## to add their own keys.
78 ssh.enable_ui_key_generator = true
79
76 80
77 81 3. Set base_url for instance to enable proper event handling (Optional):
78 82
@@ -71,10 +71,11
71 71 c = self.load_default_context()
72 72
73 73 c.active = 'ssh_keys_generate'
74 comment = 'RhodeCode-SSH {}'.format(c.user.email or '')
75 c.private, c.public = SshKeyModel().generate_keypair(comment=comment)
76 c.target_form_url = h.route_path(
77 'my_account_ssh_keys', _query=dict(default_key=c.public))
74 if c.ssh_key_generator_enabled:
75 comment = 'RhodeCode-SSH {}'.format(c.user.email or '')
76 c.private, c.public = SshKeyModel().generate_keypair(comment=comment)
77 c.target_form_url = h.route_path(
78 'my_account_ssh_keys', _query=dict(default_key=c.public))
78 79 return self._get_template_context(c)
79 80
80 81 @LoginRequired()
@@ -36,6 +36,7
36 36 _bool_setting(settings, config_keys.generate_authorized_keyfile, 'false')
37 37 _bool_setting(settings, config_keys.wrapper_allow_shell, 'false')
38 38 _bool_setting(settings, config_keys.enable_debug_logging, 'false')
39 _bool_setting(settings, config_keys.ssh_key_generator_enabled, 'true')
39 40
40 41 _string_setting(settings, config_keys.authorized_keys_file_path,
41 42 '~/.ssh/authorized_keys_rhodecode',
@@ -24,6 +24,7
24 24 generate_authorized_keyfile = 'ssh.generate_authorized_keyfile'
25 25 authorized_keys_file_path = 'ssh.authorized_keys_file_path'
26 26 authorized_keys_line_ssh_opts = 'ssh.authorized_keys_ssh_opts'
27 ssh_key_generator_enabled = 'ssh.enable_ui_key_generator'
27 28 wrapper_cmd = 'ssh.wrapper_cmd'
28 29 wrapper_allow_shell = 'ssh.wrapper_cmd_allow_shell'
29 30 enable_debug_logging = 'ssh.enable_debug_logging'
@@ -348,6 +348,8
348 348 config.get('labs_settings_active', 'false'))
349 349 context.ssh_enabled = str2bool(
350 350 config.get('ssh.generate_authorized_keyfile', 'false'))
351 context.ssh_key_generator_enabled = str2bool(
352 config.get('ssh.enable_ui_key_generator', 'true'))
351 353
352 354 context.visual.allow_repo_location_change = str2bool(
353 355 config.get('allow_repo_location_change', True))
@@ -55,7 +55,9
55 55 </div>
56 56 <div class="input">
57 57 ${h.text('description', class_='medium', placeholder=_('Description'))}
58 <a href="${h.route_path('my_account_ssh_keys_generate')}">${_('Generate random RSA key')}</a>
58 % if c.ssh_key_generator_enabled:
59 <a href="${h.route_path('my_account_ssh_keys_generate')}">${_('Generate random RSA key')}</a>
60 % endif
59 61 </div>
60 62 </div>
61 63
@@ -70,7 +72,7
70 72 ${h.reset('reset',_('Reset'),class_="btn")}
71 73 </div>
72 74 % if c.default_key:
73 ${_('Click add to use this generate SSH key')}
75 ${_('Click add to use this generated SSH key')}
74 76 % endif
75 77 </div>
76 78 </div>
@@ -50,7 +50,9
50 50 </div>
51 51 <div class="input">
52 52 ${h.text('description', class_='medium', placeholder=_('Description'))}
53 <a href="${h.route_path('edit_user_ssh_keys_generate_keypair', user_id=c.user.user_id)}">${_('Generate random RSA key')}</a>
53 % if c.ssh_key_generator_enabled:
54 <a href="${h.route_path('edit_user_ssh_keys_generate_keypair', user_id=c.user.user_id)}">${_('Generate random RSA key')}</a>
55 % endif
54 56 </div>
55 57 </div>
56 58
@@ -1,14 +1,15
1 1 <div class="panel panel-default">
2 2 <div class="panel-heading">
3 <h3 class="panel-title">${_('New SSH Key generated')}</h3>
3 <h3 class="panel-title">${_('New SSH Key generation')}</h3>
4 4 </div>
5 5 <div class="panel-body">
6 <p>
7 ${_('Below is a 2048 bit generated SSH RSA key.')}<br/>
8 ${_('If You wish to use it to access RhodeCode via the SSH please save the private key and click `Use this generated key` at the bottom.')}
9 </p>
10 <h4>${_('Private key')}</h4>
11 <pre>
6 %if c.ssh_enabled and c.ssh_key_generator_enabled:
7 <p>
8 ${_('Below is a 2048 bit generated SSH RSA key.')}<br/>
9 ${_('If You wish to use it to access RhodeCode via the SSH please save the private key and click `Use this generated key` at the bottom.')}
10 </p>
11 <h4>${_('Private key')}</h4>
12 <pre>
12 13 # Save the below content as
13 14 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_priv.key
14 15 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_priv.key
@@ -16,30 +17,35
16 17
17 18 # Change permissions to 0600 to make it secure, and usable.
18 19 e.g chmod 0600 /home/{username}/.ssh/id_rsa_rhodecode_access_priv.key
19 </pre>
20 </pre>
20 21
21 <div>
22 <textarea style="height: 300px">${c.private}</textarea>
23 </div>
24 <br/>
22 <div>
23 <textarea style="height: 300px">${c.private}</textarea>
24 </div>
25 <br/>
25 26
26 <h4>${_('Public key')}</h4>
27 <pre>
27 <h4>${_('Public key')}</h4>
28 <pre>
28 29 # Save the below content as
29 30 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_pub.key
30 31 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_pub.key
31 32 # Linux: /home/{username}/.ssh/id_rsa_rhodecode_access_pub.key
32 </pre>
33 </pre>
33 34
34 <input type="text" value="${c.public}" class="large text" size="100"/>
35 <p>
36 % if hasattr(c, 'target_form_url'):
37 <a href="${c.target_form_url}">${_('Use this generated key')}.</a>
38 % else:
39 <a href="${h.route_path('edit_user_ssh_keys', user_id=c.user.user_id, _query=dict(default_key=c.public))}">${_('Use this generated key')}.</a>
40 % endif
41 ${_('Confirmation required on the next screen')}.
42 </p>
35 <input type="text" value="${c.public}" class="large text" size="100"/>
36 <p>
37 % if hasattr(c, 'target_form_url'):
38 <a href="${c.target_form_url}">${_('Use this generated key')}.</a>
39 % else:
40 <a href="${h.route_path('edit_user_ssh_keys', user_id=c.user.user_id, _query=dict(default_key=c.public))}">${_('Use this generated key')}.</a>
41 % endif
42 ${_('Confirmation required on the next screen')}.
43 </p>
44 % else:
45 <h2>
46 ${_('SSH key generator has been disabled.')}
47 </h2>
48 % endif
43 49 </div>
44 50 </div>
45 51
@@ -572,6 +572,10
572 572 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
573 573 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
574 574
575 ## Enables SSH key generator web interface. Disabling this still allows users
576 ## to add their own keys.
577 ssh.enable_ui_key_generator = true
578
575 579
576 580 ## Dummy marker to add new entries after.
577 581 ## Add any custom entries below. Please don't remove.
Comments 0
You need to be logged in to leave comments. Login now