Project

General

Profile

Bug #27967

Validate private key presence and permissions when using rsync over SSH

Added by Vladimir Vinogradenko about 1 year ago. Updated 10 months ago.

Status:
Done
Priority:
Nice to have
Assignee:
Waqar Ahmed
Category:
Middleware
Target version:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

            try:
                home = pwd.getpwnam(user).pw_dir
                search = os.path.join(home, ".ssh", "id_[edr]*.*")
                if not glob.glob(search):
                    raise ValueError
            except (KeyError, ValueError, AttributeError, TypeError):
                self._errors['rsync_user'] = self.error_class([
                    _("In order to use rsync over SSH you need a user<br />" 
                      "with a public key (DSA/ECDSA/RSA) set up in home dir."),
                ])
                cdata.pop('rsync_user', None)

Why do we check for public key? We need private key for SSH authentication (one of id_ed25519, id_rsa or id_dsa) not readable by group or world. Please reassign this back to me if agreed.

Associated revisions

Revision a1e78d3d (diff)
Added by 650elx about 1 year ago

fixed: also remove subdirs that apparently may be present after
migration
Ticket: #27967

History

#1 Updated by William Grzybowski about 1 year ago

  • Assignee changed from William Grzybowski to Vladimir Vinogradenko

Sounds right to me

#2 Updated by Dru Lavigne about 1 year ago

  • Category set to Middleware
  • Target version set to 11.2-RC2

#3 Updated by Bartosz Prokop about 1 year ago

  • Assignee changed from Vladimir Vinogradenko to Bartosz Prokop

I'm moving rsync:task code to the middlewared within #25945 so I can handle this at the same time.

#4 Updated by William Grzybowski about 1 year ago

  • Assignee changed from Bartosz Prokop to Waqar Ahmed
  • Target version changed from 11.2-RC2 to 11.2-BETA1

#5 Updated by Waqar Ahmed about 1 year ago

  • Status changed from Not Started to In Progress

#6 Updated by Waqar Ahmed about 1 year ago

  • % Done changed from 0 to 90

#7 Updated by Waqar Ahmed about 1 year ago

  • Status changed from In Progress to Done
  • % Done changed from 90 to 100

#8 Updated by Dru Lavigne about 1 year ago

  • Subject changed from «In order to use rsync over SSH you need a user with a public key (DSA/ECDSA/RSA) set up in home dir» — why public key? to Validate private key presence and permissions when using rsync over SSH
  • Needs Doc changed from Yes to No
  • Needs Merging changed from Yes to No

#9 Updated by Dru Lavigne 12 months ago

  • Status changed from Done to Ready for Testing

#10 Updated by Eric Turgeon 10 months ago

  • Severity set to New

looks to work fine.

#11 Updated by Eric Turgeon 10 months ago

  • Status changed from Ready for Testing to Passed Testing
  • Needs QA changed from Yes to No

#12 Updated by Dru Lavigne 10 months ago

  • Status changed from Passed Testing to Done

Also available in: Atom PDF