SAML + SSH keys (like ldap sync feature)
Description
From a security perspective, this is an improvement to the SAML integration. We are hoping a feature could be added for the SAML response to include a user's SSH public key and set that key in the user's profile, much like the sync_ssh_keys option for LDAP. This would also enhance security around the service, since a central key authority could control users' SSH keys instead of the keys being self-managed.
Proposal
In the SAML configuration, I'd want an attribute to tell GitLab where to look for a public key in the SAML response. It should also have the option to prevent the user from adding keys, meaning the only key the user is allowed to have is the one from the SAML response. Some additional controls would be needed; the list below should flesh out the details:
· Disable the user's ability to manage SSH keys (we would want the only allowed key to come from SAML)
· A global expiration time for SSH keys (users may never log in, so a changed key would otherwise never be refreshed from SAML)
· Logging in via the UI resets the expiration timer
· An "expire key now" button for admins. I suppose this is the same as just removing the keys, except I'd also want an email sent automatically to the user: "An admin has expired your SSH key for the user account 'BLAH'. Please log into (domain) to sync this attribute."
· A per user expiration date that would override the global setting
· Display a countdown next to each SSH key until it expires
· Allow SAML assertion to specify when the key expires
Let me know if we missed anything in that recommendation.
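As an added illustration, not code from this issue or from GitLab, the Python below sketches how the proposed sync could pull the key out of the SAML assertion, reject a malformed key, and resolve its expiry with the precedence proposed above (SAML-asserted expiry, then a per-user override, then the global setting). The attribute names, the 30-day global lifetime, the stored record shape and the sample assertion are all assumptions.

```python
import base64
import struct
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta
SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumed settings: attribute names for the key and its expiry, and the global lifetime in days.
KEY_ATTRIBUTE, EXPIRY_ATTRIBUTE, GLOBAL_LIFETIME_DAYS = "ssh_public_key", "ssh_key_expires_at", 30

def attribute_values(assertion_xml, name):
    """Return the text of every AttributeValue under the named SAML Attribute."""
    root = ET.fromstring(assertion_xml)
    path = f".//saml:Attribute[@Name='{name}']/saml:AttributeValue"
    return [(v.text or "").strip() for v in root.findall(path, SAML_NS)]

def parse_openssh_key(line):
    """Validate '<type> <base64> [comment]'; the type embedded in the blob must match the prefix."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = parts[0], base64.b64decode(parts[1], validate=True)
    (n,) = struct.unpack(">I", blob[:4])  # first field of the wire format is the type string
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type inside blob does not match the prefix")
    return key_type

def key_expiry(assertion_xml, now_iso, per_user_days=None):
    """Precedence from the proposal: SAML-asserted expiry, then per-user override, then global."""
    asserted = attribute_values(assertion_xml, EXPIRY_ATTRIBUTE)
    if asserted:
        return datetime.fromisoformat(asserted[0].replace("Z", "+00:00")).isoformat()
    days = GLOBAL_LIFETIME_DAYS if per_user_days is None else per_user_days
    return (datetime.fromisoformat(now_iso) + timedelta(days=days)).isoformat()

def sync_key_from_saml(assertion_xml, now_iso, per_user_days=None):
    """Return the one key record to store (assumed shape), or None when no key was asserted."""
    values = attribute_values(assertion_xml, KEY_ATTRIBUTE)
    if not values:
        return None
    key_type = parse_openssh_key(values[0])  # a malformed key raises; caller logs and rejects it
    return {"type": key_type, "key": values[0],
            "expires_at": key_expiry(assertion_xml, now_iso, per_user_days)}

def make_sample_assertion(with_expiry=True):
    """Constructed sample (not a real IdP response) carrying a zero-filled ed25519 key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    key = "ssh-ed25519 " + base64.b64encode(blob).decode() + " user@example"
    expiry = (f'<saml:Attribute Name="{EXPIRY_ATTRIBUTE}"><saml:AttributeValue>'
              '2030-01-01T00:00:00Z</saml:AttributeValue></saml:Attribute>' if with_expiry else "")
    return (f'<saml:Assertion xmlns:saml="{SAML_NS["saml"]}"><saml:AttributeStatement>'
            f'<saml:Attribute Name="{KEY_ATTRIBUTE}"><saml:AttributeValue>{key}</saml:AttributeValue>'
            f'</saml:Attribute>{expiry}</saml:AttributeStatement></saml:Assertion>')
```

A real implementation would also check the assertion's signature and conditions before trusting any attribute, which the sketch leaves to the existing SAML layer.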