Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Identity-based auth #1067

Merged
merged 10 commits into from
Jun 12, 2017
Merged

Identity-based auth #1067

merged 10 commits into from
Jun 12, 2017

Conversation

kontsevoy
Copy link
Contributor

@kontsevoy kontsevoy commented Jun 12, 2017
edited
Loading

This is a cleaner version of #1063

kontsevoy added 10 commits June 9, 2017 21:25
@kontsevoy
Minor chnges to tctl (langauge/naming)
91bd5d6 
This commit does not change tctl behavior
@kontsevoy
Merge remote-tracking branch 'origin/master' into ev/i
c0d7ecb
@kontsevoy
Removed "upserted" language from tctl CLI
7ed43d6 
Fixes #857
@kontsevoy
Added a bit more logging to session creation code
efaf2dc
@kontsevoy
Implemented identity loading
37319d6 
First part of addressing #1033 is ability to load credentials from the
credentials file(s).

This commit adds -i flag processing, i.e. a certificate can be fed via a
cert.file and used to login.
@kontsevoy
Added host authorization to identity-based auth
ef790ee 
Hooked up -i auth into the proper place
@kontsevoy
Covered host authentication with tests
3ff5820
@kontsevoy
Merge branch 'master' into ev/i
d046eae
@kontsevoy
Code review edits
63cef00 
key-agent changes:

tsh now ignores public keys loaded from the SSH key agent unless they
are certificates. this fixes the problem of 'host auth' callback being
called for 3rd party public keys in the SSH-agent (and tsh had no choice
but to prompt user if he wanted to add thoses hosts to known_hosts file)

tctl auth changes:

`tctl auth` now outputs to stdout by default. If you set -o to a file,
it will use that file instead. Getting rid of -o was not possible
because it's still useful if --format is set to `dir` (OpenSSH
compatible output).

other changes:

- added more detailed comments in a few places
- restored error handling logic
@kontsevoy
Merge remote-tracking branch 'origin/master' into ev/i
7c3a237
@kontsevoy kontsevoy requested a review from russjones June 12, 2017 20:17
@kontsevoy kontsevoy merged commit 3ca3362 into master Jun 12, 2017
@kontsevoy kontsevoy deleted the ev/i branch June 13, 2017 04:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@russjones russjones russjones approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kontsevoy @russjones