mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-21 13:00:56 +01:00
Remove the "ssh-auth-key" script
Summary: Ref T13436. Historically, this script could be used with a forked copy of "sshd" to do lower-cost per-key auth. Relatively modern "sshd" supports "%f" to "AuthorizedKeysCommand", which effectively moots this. Users have never been instructed to use this script for anything, and we moved away from this specific patch to "sshd" some time ago. Test Plan: Grepped for "ssh-auth-key", no hits. Maniphest Tasks: T13436 Differential Revision: https://secure.phabricator.com/D20873
This commit is contained in:
parent
5d8457a07e
commit
02f85f03bd
2 changed files with 0 additions and 43 deletions
|
@ -1 +0,0 @@
|
|||
../scripts/ssh/ssh-auth-key.php
|
|
@ -1,42 +0,0 @@
|
|||
#!/usr/bin/env php
|
||||
<?php
|
||||
|
||||
$root = dirname(dirname(dirname(__FILE__)));
|
||||
require_once $root.'/scripts/__init_script__.php';
|
||||
|
||||
try {
|
||||
$cert = file_get_contents('php://stdin');
|
||||
$public_key = PhabricatorAuthSSHPublicKey::newFromRawKey($cert);
|
||||
} catch (Exception $ex) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
$key = id(new PhabricatorAuthSSHKeyQuery())
|
||||
->setViewer(PhabricatorUser::getOmnipotentUser())
|
||||
->withKeys(array($public_key))
|
||||
->withIsActive(true)
|
||||
->executeOne();
|
||||
if (!$key) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
$object = $key->getObject();
|
||||
if (!($object instanceof PhabricatorUser)) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
$bin = $root.'/bin/ssh-exec';
|
||||
$cmd = csprintf('%s --phabricator-ssh-user %s', $bin, $object->getUsername());
|
||||
// This is additional escaping for the SSH 'command="..."' string.
|
||||
$cmd = addcslashes($cmd, '"\\');
|
||||
|
||||
$options = array(
|
||||
'command="'.$cmd.'"',
|
||||
'no-port-forwarding',
|
||||
'no-X11-forwarding',
|
||||
'no-agent-forwarding',
|
||||
'no-pty',
|
||||
);
|
||||
|
||||
echo implode(',', $options);
|
||||
exit(0);
|
Loading…
Reference in a new issue