revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 02:12:41 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/scripts
History
epriestley 6f0d3b0796 Add a query/policy layer on top of SSH keys for Almanac 
Summary:
Ref T5833. Currently, SSH keys are associated only with users, and are a bit un-modern. I want to let Almanac Devices have SSH keys so devices in a cluster can identify to one another.

For example, with hosted installs, initialization will go something like this:

  - A request comes in for `company.phacility.com`.
  - A SiteSource (from D10787) makes a Conduit call to Almanac on the master install to check if `company` is a valid install and pull config if it is.
  - This call can be signed with an SSH key which identifies a trusted Almanac Device.

In the cluster case, a web host can make an authenticated call to a repository host with similar key signing.

To move toward this, put a proper Query class on top of SSH key access (this diff). In following diffs, I'll:

  - Rename `userPHID` to `objectPHID`.
  - Move this to the `auth` database.
  - Provide UI for device/key association.

An alternative approach would be to build some kind of special token layer in Conduit, but I think that would be a lot harder to manage in the hosting case. This gives us a more direct attack on trusting requests from machines and recognizing machines as first (well, sort of second-class) actors without needing things like fake user accounts.

Test Plan:
  - Added and removed SSH keys.
  - Added and removed SSH keys from a bot account.
  - Tried to edit an unonwned SSH key (denied).
  - Ran `bin/ssh-auth`, got sensible output.
  - Ran `bin/ssh-auth-key`, got sensible output.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10790
2014-11-06 12:37:02 -08:00
..
almanac Implement storage of a host ID and a public key for authorizing Conduit between servers 2014-10-03 22:52:41 +10:00
aphront Applied various linter fixes. 2014-06-09 16:04:12 -07:00
cache Discover workflows automatically. 2014-06-16 09:00:25 +10:00
calendar Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
celerity Replace ActionHeader minicons with Font icons 2014-08-15 11:08:28 -07:00
daemon Discover workflows automatically. 2014-06-16 09:00:25 +10:00
diviner Make all bin/* scripts locate their workflows dynamically 2013-12-27 13:15:48 -08:00
drydock Make all bin/* scripts locate their workflows dynamically 2013-12-27 13:15:48 -08:00
fact Make all bin/* scripts locate their workflows dynamically 2013-12-27 13:15:48 -08:00
files Make all bin/* scripts locate their workflows dynamically 2013-12-27 13:15:48 -08:00
fpm Delete license headers from files 2012-11-05 11:16:51 -08:00
install Update Aphlict documentation for new server management commands 2014-06-05 12:40:53 -07:00
lipsum Make all bin/* scripts locate their workflows dynamically 2013-12-27 13:15:48 -08:00
mail Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
repository Use PhutilConsoleProgressBar for the repository/reparse.php script 2014-09-09 00:04:25 +10:00
search Remove various old things in scripts/ 2014-05-01 18:23:48 -07:00
setup Add a bin/hunks script to manage migrations of hunk data 2014-06-03 18:01:23 -07:00
sms Add SMS support 2014-05-09 12:47:21 -07:00
sql Fix various MySQL version issues with new charset stuff 2014-10-29 15:49:29 -07:00
ssh Add a query/policy layer on top of SSH keys for Almanac 2014-11-06 12:37:02 -08:00
symbols Minor formatting changes 2014-10-08 08:39:49 +11:00
user Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
util Add a CanCDN flag to uploaded files 2014-08-07 18:56:20 -07:00
__init_script__.php Consolidate environmental initialization 2012-12-25 06:15:28 -08:00