#155 Publicise the server's SSH keys configured
Merged 9 years ago by . Opened 9 years ago by pingou.

file modified
+8
@@ -87,6 +87,14 @@ 

  GL_BINDIR = None

  

  

+ # SSH Information

+ 

+ ### The ssh certificates of the git server to be provided to the user

+ ### /!\ format is important

+ # SSH_KEYS = {'RSA': {'fingerprint': '<foo>', 'pubkey': '<bar>'}}

+ 

+ 

+ 

  # Optional configuration

  

  ### Number of items displayed per page

@@ -0,0 +1,33 @@ 

+ {% extends "master.html" %}

+ 

+ {% block title %}Doc: SSH hostkeys/Fingerprints{% endblock %}

+ {%block tag %}home{% endblock %}

+ 

+ 

+ {% block content %}

+ 

+ <h1>SSH Hostkeys/Fingerprints</h1>

+ 

+ SSH host keys and fingerprints can be use to ensure you are connecting to

+ pagure's server and not someone else's.

+ 

+ Here below are the SSH Hostkey and the Fingerprint of this current pagure

+ instance:

+ 

+ {% if config.get('SSH_KEYS') %}

+ 

+ {% for cert in config.get('SSH_KEYS') %}

+ <h4>{{ cert }} Fingerprint</h4>

+ <pr>{{ config['SSH_KEYS'][cert]['fingerprint'] }}</pr>

+ 

+ <h4>{{ cert }} Hostkey</h4>

+ <pr>{{ config['SSH_KEYS'][cert]['pubkey'] }}</pr>

+ {% endfor %}

+ 

+ {% else %}

+ <p>No SSH keys have been specified in the configuration file.</p>

+ <p>You should ask an admin to fill this information.</p>

+ {% endif %}

+ 

+ 

+ {% endblock %}

@@ -169,8 +169,12 @@ 

      <table>

        <tr>

          <th>Git URLs</th>

-         <td><a id="more_gits">more</a></td>

-         <td></td>

+         <td><a id="more_gits">more</a> | </td>

+         <td>

+           <a href="{{ url_for('ssh_hostkey') }}">

+             SSH Hostkey/Fingerprint

+           </a>

+         </td>

          <td></td>

        </tr>

        <tr>

file modified
+10
@@ -497,3 +497,13 @@ 

              APP.logger.exception(err)

  

      return flask.redirect(flask.url_for('.user_settings'))

+ 

+ 

+ @APP.route('/ssh_info')

+ def ssh_hostkey():

+     """ Endpoint returning information about the SSH hostkey and fingerprint

+     of the current pagure instance.

+     """

+     return flask.render_template(

+         'doc_ssh_keys.html',

+     )

no initial comment

Code looks good to me, though you could get away with configuring just hostkey and derive the fingerprint for it yourself, but this works for me.

:rabbit:

Though note that for SSH, this is often called "public key" rather than "certificate", as people associate the name "certificate" with an X509 certificate.