On 6/10/21 1:39 PM, Steven Guikal via aur-dev wrote: > These were added in OpenSSH bersion 8.2[1]. > > Fixes #36 > > [1]: https://www.openssh.com/txt/release-8.2 > --- > > Just a heads up that I haven't tested this and aren't sure if the keys > are used anywhere else that may be affected (though a grep makes me > think they aren't). > > web/lib/acctfuncs.inc.php | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php > index df016c6d..efc08331 100644 > --- a/web/lib/acctfuncs.inc.php > +++ b/web/lib/acctfuncs.inc.php > @@ -877,7 +877,8 @@ function valid_pgp_fingerprint($fingerprint) { > function valid_ssh_pubkey($pubkey) { > $valid_prefixes = array( > "ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", > - "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519" > + "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519", > + "[email protected]", "[email protected]" > ); > > $has_valid_prefix = false;
Thanks! But in aurweb/git/auth.py we check $AUR_CONFIG (defaults in conf/config.defaults) for valid-keytypes in the AuthorizedKeysCommand, I'm not 100% sure why we bother but we do. -- Eli Schwartz Bug Wrangler and Trusted User
OpenPGP_signature
Description: OpenPGP digital signature
