From 257830ae71d191f1bd01d1f3f81c689ccebe87f6 Mon Sep 17 00:00:00 2001 From: epriestley Date: Fri, 13 Sep 2019 07:47:51 -0700 Subject: [PATCH] (stable) Remove the "ssh-auth-key" script Summary: Ref T13436. Historically, this script could be used with a forked copy of "sshd" to do lower-cost per-key auth. Relatively modern "sshd" supports "%f" to "AuthorizedKeysCommand", which effectively moots this. Users have never been instructed to use this script for anything, and we moved away from this specific patch to "sshd" some time ago. Test Plan: Grepped for "ssh-auth-key", no hits. Maniphest Tasks: T13436 Differential Revision: https://secure.phabricator.com/D20873 --- bin/ssh-auth-key | 1 - scripts/ssh/ssh-auth-key.php | 42 ------------------------------------ 2 files changed, 43 deletions(-) delete mode 120000 bin/ssh-auth-key delete mode 100755 scripts/ssh/ssh-auth-key.php diff --git a/bin/ssh-auth-key b/bin/ssh-auth-key deleted file mode 120000 index 7dff83c316..0000000000 --- a/bin/ssh-auth-key +++ /dev/null @@ -1 +0,0 @@ -../scripts/ssh/ssh-auth-key.php \ No newline at end of file diff --git a/scripts/ssh/ssh-auth-key.php b/scripts/ssh/ssh-auth-key.php deleted file mode 100755 index 0c23a20edf..0000000000 --- a/scripts/ssh/ssh-auth-key.php +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env php -setViewer(PhabricatorUser::getOmnipotentUser()) - ->withKeys(array($public_key)) - ->withIsActive(true) - ->executeOne(); -if (!$key) { - exit(1); -} - -$object = $key->getObject(); -if (!($object instanceof PhabricatorUser)) { - exit(1); -} - -$bin = $root.'/bin/ssh-exec'; -$cmd = csprintf('%s --phabricator-ssh-user %s', $bin, $object->getUsername()); -// This is additional escaping for the SSH 'command="..."' string. -$cmd = addcslashes($cmd, '"\\'); - -$options = array( - 'command="'.$cmd.'"', - 'no-port-forwarding', - 'no-X11-forwarding', - 'no-agent-forwarding', - 'no-pty', -); - -echo implode(',', $options); -exit(0);