Pull request !2275 From Wed, 13 Feb 2019 21:07:07
Shadow repository data not available.
Closed, Approved - calculated based on 3 reviewers votes
  • Issue #5536 - ability to disable server-side SSH key generation
Pull request versions not available.
Author of this pull request
Pull request reviewers
Time Author Commit Description
r3208:7d47a18b6391
Issue #5536 - another template typo
r3207:55f6d5276de9
Issue #5536 - template typo. also make variable names more explicit
r3206:c02cc55651b4
Issue #5536 - ability to disable server-side SSH key generation
Add another comment
@@ -630,6 +630,10
630 630 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
631 631 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
632 632
633 ## Enables SSH key generator web interface. Disabling this still allows users
634 ## to add their own keys.
635 ssh.enable_ui_key_generator = true
636
633 637
634 638 ## Dummy marker to add new entries after.
635 639 ## Add any custom entries below. Please don't remove.
@@ -602,6 +602,10
602 602 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
603 603 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
604 604
605 ## Enables SSH key generator web interface. Disabling this still allows users
606 ## to add their own keys.
607 ssh.enable_ui_key_generator = true
608
605 609
606 610 ## Dummy marker to add new entries after.
607 611 ## Add any custom entries below. Please don't remove.
@@ -73,6 +73,10
73 73 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
74 74 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
75 75
76 ## Enables SSH key generator web interface. Disabling this still allows users
77 ## to add their own keys.
78 ssh.enable_ui_key_generator = true
79
76 80
77 81 3. Set base_url for instance to enable proper event handling (Optional):
78 82
@@ -71,10 +71,11
71 71 c = self.load_default_context()
72 72
73 73 c.active = 'ssh_keys_generate'
74 comment = 'RhodeCode-SSH {}'.format(c.user.email or '')
75 c.private, c.public = SshKeyModel().generate_keypair(comment=comment)
76 c.target_form_url = h.route_path(
77 'my_account_ssh_keys', _query=dict(default_key=c.public))
74 if c.ssh_key_generator_enabled:
75 comment = 'RhodeCode-SSH {}'.format(c.user.email or '')
76 c.private, c.public = SshKeyModel().generate_keypair(comment=comment)
77 c.target_form_url = h.route_path(
78 'my_account_ssh_keys', _query=dict(default_key=c.public))
78 79 return self._get_template_context(c)
79 80
80 81 @LoginRequired()
@@ -36,6 +36,7
36 36 _bool_setting(settings, config_keys.generate_authorized_keyfile, 'false')
37 37 _bool_setting(settings, config_keys.wrapper_allow_shell, 'false')
38 38 _bool_setting(settings, config_keys.enable_debug_logging, 'false')
39 _bool_setting(settings, config_keys.ssh_key_generator_enabled, 'true')
39 40
40 41 _string_setting(settings, config_keys.authorized_keys_file_path,
41 42 '~/.ssh/authorized_keys_rhodecode',
@@ -24,6 +24,7
24 24 generate_authorized_keyfile = 'ssh.generate_authorized_keyfile'
25 25 authorized_keys_file_path = 'ssh.authorized_keys_file_path'
26 26 authorized_keys_line_ssh_opts = 'ssh.authorized_keys_ssh_opts'
27 ssh_key_generator_enabled = 'ssh.enable_ui_key_generator'
27 28 wrapper_cmd = 'ssh.wrapper_cmd'
28 29 wrapper_allow_shell = 'ssh.wrapper_cmd_allow_shell'
29 30 enable_debug_logging = 'ssh.enable_debug_logging'
@@ -343,6 +343,8
343 343 config.get('labs_settings_active', 'false'))
344 344 context.ssh_enabled = str2bool(
345 345 config.get('ssh.generate_authorized_keyfile', 'false'))
346 context.ssh_key_generator_enabled = str2bool(
347 config.get('ssh.enable_ui_key_generator', 'true'))
346 348
347 349 context.visual.allow_repo_location_change = str2bool(
348 350 config.get('allow_repo_location_change', True))
@@ -55,7 +55,9
55 55 </div>
56 56 <div class="input">
57 57 ${h.text('description', class_='medium', placeholder=_('Description'))}
58 <a href="${h.route_path('my_account_ssh_keys_generate')}">${_('Generate random RSA key')}</a>
58 % if c.ssh_key_generator_enabled:
59 <a href="${h.route_path('my_account_ssh_keys_generate')}">${_('Generate random RSA key')}</a>
60 % endif

fixed in r3207

Add another comment
59 61 </div>
60 62 </div>
61 63
@@ -70,7 +72,7
70 72 ${h.reset('reset',_('Reset'),class_="btn")}
71 73 </div>
72 74 % if c.default_key:
73 ${_('Click add to use this generate SSH key')}
75 ${_('Click add to use this generated SSH key')}
note

+1 for spelling fix ;)

Add another comment
74 76 % endif
75 77 </div>
76 78 </div>
@@ -50,7 +50,9
50 50 </div>
51 51 <div class="input">
52 52 ${h.text('description', class_='medium', placeholder=_('Description'))}
53 <a href="${h.route_path('edit_user_ssh_keys_generate_keypair', user_id=c.user.user_id)}">${_('Generate random RSA key')}</a>
53 % if c.ssh_key_generator_enabled:
54 <a href="${h.route_path('edit_user_ssh_keys_generate_keypair', user_id=c.user.user_id)}">${_('Generate random RSA key')}</a>
55 % endif
54 56 </div>
55 57 </div>
56 58
@@ -1,13 +1,14
1 1 <div class="panel panel-default">
2 2 <div class="panel-heading">
3 <h3 class="panel-title">${_('New SSH Key generated')}</h3>
3 <h3 class="panel-title">${_('New SSH Key generation')}</h3>
4 4 </div>
5 5 <div class="panel-body">
6 <p>
7 ${_('Below is a 2048 bit generated SSH RSA key. You can use it to access RhodeCode via the SSH wrapper.')}
8 </p>
9 <h4>${_('Private key')}</h4>
10 <pre>
6 %if c.ssh_enabled and c.ssh_key_generator_enabled:
7 <p>
8 ${_('Below is a 2048 bit generated SSH RSA key. You can use it to access RhodeCode via the SSH wrapper.')}
9 </p>
10 <h4>${_('Private key')}</h4>
11 <pre>
11 12 # Save the below content as
12 13 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_priv.key
13 14 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_priv.key
@@ -15,30 +16,35
15 16
16 17 # Change permissions to 0600 to make it secure, and usable.
17 18 e.g chmod 0600 /home/{username}/.ssh/id_rsa_rhodecode_access_priv.key
18 </pre>
19 </pre>
19 20
20 <div>
21 <textarea style="height: 300px">${c.private}</textarea>
22 </div>
23 <br/>
21 <div>
22 <textarea style="height: 300px">${c.private}</textarea>
23 </div>
24 <br/>
24 25
25 <h4>${_('Public key')}</h4>
26 <pre>
26 <h4>${_('Public key')}</h4>
27 <pre>
27 28 # Save the below content as
28 29 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_pub.key
29 30 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_pub.key
30 31 # Linux: /home/{username}/.ssh/id_rsa_rhodecode_access_pub.key
31 </pre>
32 </pre>
32 33
33 <input type="text" value="${c.public}" class="large text" size="100"/>
34 <p>
35 % if hasattr(c, 'target_form_url'):
36 <a href="${c.target_form_url}">${_('Use this generated key')}.</a>
37 % else:
38 <a href="${h.route_path('edit_user_ssh_keys', user_id=c.user.user_id, _query=dict(default_key=c.public))}">${_('Use this generated key')}.</a>
39 % endif
40 ${_('Confirmation required on the next screen')}.
41 </p>
34 <input type="text" value="${c.public}" class="large text" size="100"/>
35 <p>
36 % if hasattr(c, 'target_form_url'):
37 <a href="${c.target_form_url}">${_('Use this generated key')}.</a>
38 % else:
39 <a href="${h.route_path('edit_user_ssh_keys', user_id=c.user.user_id, _query=dict(default_key=c.public))}">${_('Use this generated key')}.</a>
40 % endif
41 ${_('Confirmation required on the next screen')}.
42 </p>
43 % else:

I did have that fixed on the live template. I just didn't sync it.

Add another comment
44 <h2>
45 ${_('SSH key generator has been disabled.')}
46 </h2>
47 % endif
42 48 </div>
43 49 </div>
44 50
@@ -572,6 +572,10
572 572 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
573 573 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
574 574
575 ## Enables SSH key generator web interface. Disabling this still allows users
576 ## to add their own keys.
577 ssh.enable_ui_key_generator = true
578
575 579
576 580 ## Dummy marker to add new entries after.
577 581 ## Add any custom entries below. Please don't remove.
Comments 23
there are 16 general comments from older versions, show them
note
Under Review

Pull request updated. Auto status change to "Under Review"

Changed commits:
  * 1 added
  * 0 removed

Changed files:
  * M rhodecode/templates/admin/users/user_edit_ssh_keys_generate.mako
note
Approved

CLA FOUND and APPROVED

note

So I'm going to make a small complaint about the fact that the public repository is missing the 4.15 branch and my test instance is up-to-date. This makes syncing things less than straight forward. Also, for some reason it looked to me like both build bot posts pointed to the same file. Looks ok now.

note

Yeah, i'd realized that now that infact 4.15 is not pushed to the public instance... This should be done automatically.
I'll make sure we re-sync the codebase today.

note
Approved

Build Succeeded!

note
Approved

Thank you for this contribution. This looks ok, i'll merge this manually on top of our current default develop branch.

note
Approved

Closing with status change > Approved.