owenthereal/upterm

Automatic authorized keys from GitHub/GitLab

rothgar opened this issue · 6 comments

I would like to simplify something like upterm host --authorized-key <(curl https://github.com/rothgar.keys)

It would be great if this can be a single option like --github-user rothgar. If we want to make it more flexible maybe it could be something like --git-user rothgar@github which would automatically fetch https://github.com/rothgar.keys. This could limit the amount of flags and still make it pluggable for things like jgarr@gitlab

From what I understand, --authorized-key is meant to restrict the users that can connect to your session, not identify the host of the session.

That is my assumption too. I would like to use the published public keys from a GitHub user, so if I wanted you to be able to connect to my session I could run

upterm host --github-user MichaelBitard

and it would automatically pull your public key from https://github.com/MichaelBitard.keys

That would be a good idea indeed. The title of your issue is misleading though ;)

The private key is needed to authenticate and sign messages yourself; the public key is used for the person willing to connect to your host. They are not related. I think you want to open 2 issues: one is a feature request to add --github-user to simplify the --authorized-keys mechanism when allowing a GitHub user to connect. The second issue is that you'd like to make the private-key optional, and I don't know if that's possible.

I think I was confused about what a private key was used for, but it makes sense since the system running upterm host is creating an ssh session to the upterm server and allowing other clients through that.

I'll rename this ticket for the --github-user flag and another issue to see if there's a way to generate a temporary public/private key if --private-key isn't provided.

Yes, I definitely like the idea of integrating with GitHub and GitLab public keys!

Please handle private GitLab instances, too.

Something like --gitlab-user sponge-bob@gitlab.example.com and sponge-bob is implicitly sponge-bob@gitlab.com
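An added example, not code from upterm or from any commenter: one way the user@host specs proposed in this thread could be resolved to a .keys URL and the fetched body checked before it becomes an allow-list. The names KeysURL and ParseKeys, the alias table and the accepted character sets are assumptions, and it uses only the Go standard library.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"regexp"
	"strings"
)

var forges = map[string]string{"github": "github.com", "gitlab": "gitlab.com"} // assumed alias table
var userRe = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]*$`)                // assumed username charset
var hostRe = regexp.MustCompile(`^[a-z0-9-]+(\.[a-z0-9-]+)+$`)

// KeysURL maps "user", "user@alias" or "user@host" to an https .keys URL; "/", ":", "?", "#" are rejected.
func KeysURL(spec, defaultHost string) (string, error) {
	user, host, found := strings.Cut(spec, "@")
	if alias, ok := forges[strings.ToLower(host)]; ok {
		host = alias
	} else if !found {
		host = defaultHost
	}
	if host = strings.ToLower(host); !userRe.MatchString(user) || !hostRe.MatchString(host) {
		return "", fmt.Errorf("invalid user spec %q", spec)
	}
	return "https://" + host + "/" + user + ".keys", nil
}

// ParseKeys accepts a .keys body only if each line is "<type> <base64>" whose blob starts with
// uint32(len(type)) + type (SSH wire format). Zero keys is an error, never an empty allow-list.
func ParseKeys(body string) ([]string, error) {
	var keys []string
	for _, line := range strings.Split(body, "\n") {
		f := append(strings.Fields(line), "") // pad so f[1] always exists
		if f[0] == "" {
			continue // blank line
		}
		want := string([]byte{0, 0, 0, byte(len(f[0]))}) + f[0]
		blob, err := base64.StdEncoding.DecodeString(f[1])
		if err != nil || len(f[0]) > 255 || !strings.HasPrefix(string(blob), want) {
			return nil, fmt.Errorf("rejected key line %q", line)
		}
		keys = append(keys, f[0]+" "+f[1])
	}
	if len(keys) == 0 {
		return nil, fmt.Errorf("no usable keys in response")
	}
	return keys, nil
}

func main() { fmt.Println(KeysURL("sponge-bob@gitlab.example.com", "gitlab.com")) }
```

The prefix check only confirms that the declared key type matches the blob; full key parsing would still be left to an SSH library.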