Upload broken SSH key

Bug #1780632 reported by Sam Bull on 2018-07-08
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
UWDE
High
UWDE Python Team

Bug Description

A user can upload an invalid SSH key, and there is no obvious way to fix the issue, if the user doesn't know how to generate a new one themselves.

The best solution would be to validate the key before saving.
We should check:
 The contents are a valid SSH key.
 The SSH key is not encrypted (passwordless).
 The public and private parts match.

Relevant links:
http://docs.paramiko.org/en/2.4/api/keys.html
https://stackoverflow.com/questions/41766417/verify-the-passphrase-for-rsa-private-key
https://gist.github.com/piyushbansal/5243418
https://stackoverflow.com/questions/2494450/ssh-rsa-public-key-validation-using-a-regular-expression
https://pypi.org/project/sshpubkeys/

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers