Add ssh public key for Inband management. #520
Conversation
|
depends on RackHD/on-tasks#369 |
lanchongyizu
force-pushed
the
bugfix/odr-972
branch
2 times, most recently
from
23b1637 to
098702a
Compare
|
👍 |
|
BUILD on-http #2785 : UNSTABLE
|
johren
left a comment
johren
left a comment
There was a problem hiding this comment.
A couple of things about the private and public keys. We do not need to encrypt or redact public keys. These can be freely shared with anyone.
Private keys, on the other hand, should never be shared with anyone. Therefore, we should not be asking the user to give us their private key. The only private keys we should be handling are those that we generate for ourselves.
lib/serializables/v1/ssh.js
Outdated
| } | ||
| if (this.publicKey) { | ||
| this.publicKey = 'REDACTED'; | ||
| } |
There was a problem hiding this comment.
Public keys do not need to be encrypted or redacted. These can be safely revealed to anyone.
lib/serializables/v1/ssh.js
Outdated
| } | ||
| if (self.publicKey) { | ||
| self.publicKey = encryption.encrypt(self.publicKey); | ||
| } |
There was a problem hiding this comment.
Public key does not need to be encrypted.
| } | ||
| ).should.eventually.have.property('publicKey').that.equals('REDACTED'); | ||
| }); | ||
|
|
There was a problem hiding this comment.
Public key does not need to be encrypted or redacted.
| 'publicKey' | ||
| ).and.not.equal('fake-public-key'); | ||
| }); | ||
|
|
There was a problem hiding this comment.
Public key does not need to be encrypted.
lanchongyizu
force-pushed
the
bugfix/odr-972
branch
from
098702a to
f79d93a
Compare
5 participants
Public key is required for ssh connection for Inband management, and private key is optional.
This is related with ODR-972.
@RackHD/corecommitters @panpan0000 @iceiilin @benbp