forked from cockpit-project/cockpit
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
containers/ws: Support all OpenSSH key types
Load a provided SSH key into ssh-agent, and let cockpit-ssh use it from there. This is the same approach that we use with "regular" cockpit and connecting to remote hosts in the shell. This drops the restriction that keys must be in the old RSA PEM format. SSH has moved to the proprietary "OpenSSH" format a few years ago, but openssl (or anything else other than SSH itself) cannot decrypt these any more. Unfortunately ssh-add does not allow reading the password from stdin, so construct and use an askpass agent (similar to Client). Restrict the lifetime of keys in the agent to 30 seconds. That gives the login process enough time to connect, but avoids keeping the unencrypted key in memory indefinitely.
- Loading branch information
1 parent
f723065
commit 39dcbf9
Showing
4 changed files
with
41 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters