  • #23260
Issue created Jul 13, 2018 by Ævar Arnfjörð Bjarmason (@avar, Developer)

Add ability for admins to globally block users from uploading SSH keys that aren't deploy keys

Problem to solve

When GitLab is used in a mode where no SSH keys are uploaded to it, but instead only SSH certificates are used (per my ongoing PR at https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/19911), you don't want users to be able to manually upload SSH keys, because this can circumvent e.g. a 2FA policy on the issued certificate-signed keys.

Proposal

There should be some setting in admin settings to disable uploading a key to the keys table whose type isn't DeployKey, with a corresponding UI change in user settings to either hide the SSH key tab, or explain to the user that they can't upload keys.

What does success look like, and how can we measure that?

Users should get an error when trying to upload keys via the UI or API.
