GitLab should check if keys are valid before saving
ZD: https://gitlab.zendesk.com/agent/tickets/85517
Nov 24 05:09:04 sc-prd-scm-gitlabrails004 sshd[32485]: error: buffer_get_ret: trying to get more bytes 513 than in buffer 38
Nov 24 05:09:04 sc-prd-scm-gitlabrails004 sshd[32485]: error: buffer_get_string_ret: buffer_get failed
Nov 24 05:09:04 sc-prd-scm-gitlabrails004 sshd[32485]: error: buffer_get_bignum2_ret: invalid bignum
Nov 24 05:09:04 sc-prd-scm-gitlabrails004 sshd[32485]: error: key_from_blob: can't read rsa key
Nov 24 05:09:04 sc-prd-scm-gitlabrails004 sshd[32485]: error: key_read: key_from_blob
<keyblob ending with \n>
From the customer:
Throwing this into a .pub file and running 'ssh-keygen -lf ' shows the key is invalid. I suspect that what happens is that a user has a key that wraps to several lines, and whatever cut-and-paste tool they use inserts '\n'.
As an experiment I took this key, modified a character and submitted it as a key in my own profile. This invalid key was accepted.
Naturally I can write a script to remove invalid keys from the system, but should GitLab not do a check before accepting the key? Much better to be proactive instead of being forced to be reactive.
I see a record of us knowing about this a bit ago: omnibus-gitlab#204 (comment 172958).
We should figure out if we can run:
ssh-keygen -lf <file>
or the Ruby equivalent on key save.
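One way a Ruby check on key save could look, as an added example that is not part of the original issue and not GitLab's code: it walks the length-prefixed fields of an ssh-rsa blob (RFC 4253 wire format) and rejects any field whose declared length overruns the blob, the same condition sshd logs above as "trying to get more bytes 513 than in buffer 38". The class, method and constant names are hypothetical, the sample key is constructed filler rather than a real key, and only the ssh-rsa type is handled.

```ruby
# Structural check of an OpenSSH "ssh-rsa" public key line (RFC 4253 wire
# format): string "ssh-rsa", mpint e, mpint n, each with a 4-byte length prefix.
class InvalidKey < StandardError; end

# Read one length-prefixed field; refuse a length that overruns the blob.
def read_field(blob, offset)
  raise InvalidKey, 'truncated length prefix' if blob.bytesize - offset < 4
  len = blob.byteslice(offset, 4).unpack1('N')
  left = blob.bytesize - offset - 4
  raise InvalidKey, "field wants #{len} bytes, #{left} left in blob" if len > left
  [blob.byteslice(offset + 4, len), offset + 4 + len]
end

# Returns the modulus size in bits, or raises InvalidKey.
def validate_rsa_public_key(line)
  type, b64, _comment = line.strip.split(/\s+/, 3)
  raise InvalidKey, 'unsupported key type' unless type == 'ssh-rsa'
  begin
    blob = b64.to_s.unpack1('m0') # strict base64, raises on stray characters
  rescue ArgumentError
    raise InvalidKey, 'blob is not valid base64'
  end
  name, off = read_field(blob, 0)
  raise InvalidKey, 'type inside blob does not match prefix' unless name == type
  e, off = read_field(blob, off)
  n, off = read_field(blob, off)
  raise InvalidKey, 'empty exponent or modulus' if e.empty? || n.empty?
  raise InvalidKey, 'trailing bytes after modulus' unless off == blob.bytesize
  (n.getbyte(0).zero? ? n.bytesize - 1 : n.bytesize) * 8
end

# Constructed sample, not a real key: e = 65537, n = 0x00 + 256 filler bytes.
def ssh_string(str)
  [str.bytesize].pack('N') + str.b
end
SAMPLE_BLOB = ssh_string('ssh-rsa') + ssh_string("\x01\x00\x01") +
              ssh_string("\x00" + "\xC3" * 256)
SAMPLE_KEY = "ssh-rsa #{[SAMPLE_BLOB].pack('m0')} user@example".freeze
# The same key with a line break pasted 40 characters into the blob.
WRAPPED_KEY = SAMPLE_KEY.dup.insert(8 + 40, "\n").freeze

if $PROGRAM_NAME == __FILE__
  [SAMPLE_KEY, WRAPPED_KEY].each do |key|
    puts "accepted, #{validate_rsa_public_key(key)} bits"
  rescue InvalidKey => e
    puts "rejected: #{e.message}"
  end
end
```

This is a structural check only: a blob whose bytes are altered without disturbing the field lengths still parses, so it does not prove the modulus belongs to a usable key.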