mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 14:52:41 +01:00
Add support for FIDO2-backed SSH keys
Summary: U2F/FIDO are open standards for inexpensive two-factor authentication hardware that are widely used for website authentication. These keys are available since OpenSSH 8.2 (2020-02-14). https://www.openssh.com/txt/release-8.2 https://security.stackexchange.com/q/240991/260234 Ref Q96 Test Plan: Check the added keys. They exactly match the output of the command 'ssh -Q key'. Reviewers: O1 Blessed Committers, antonia, avivey Reviewed By: O1 Blessed Committers, antonia, avivey Subscribers: avivey, tobiaswiese, Matthew, Cigaryno Differential Revision: https://we.phorge.it/D25508
This commit is contained in:
parent
d92ed9ce0c
commit
6fe942a8f9
1 changed files with 4 additions and 0 deletions
|
@ -55,11 +55,15 @@ final class PhabricatorAuthSSHPublicKey extends Phobject {
|
||||||
|
|
||||||
list($type, $body, $comment) = $parts;
|
list($type, $body, $comment) = $parts;
|
||||||
|
|
||||||
|
// The only goal is to prevent user error by nonsense input.
|
||||||
|
// This is just a meaningful subset from 'ssh -Q key'.
|
||||||
$recognized_keys = array(
|
$recognized_keys = array(
|
||||||
'ssh-dsa',
|
'ssh-dsa',
|
||||||
'ssh-dss',
|
'ssh-dss',
|
||||||
'ssh-rsa',
|
'ssh-rsa',
|
||||||
'ssh-ed25519',
|
'ssh-ed25519',
|
||||||
|
'sk-ssh-ed25519@openssh.com',
|
||||||
|
'sk-ecdsa-sha2-nistp256@openssh.com',
|
||||||
'ecdsa-sha2-nistp256',
|
'ecdsa-sha2-nistp256',
|
||||||
'ecdsa-sha2-nistp384',
|
'ecdsa-sha2-nistp384',
|
||||||
'ecdsa-sha2-nistp521',
|
'ecdsa-sha2-nistp521',
|
||||||
|
|
Loading…
Reference in a new issue