SSH key audit/disable all SSH keys

Description

GitLab aims to maintain a secure work environment. Sometimes admins want to force users to verify their SSH keys and disable ones no longer needed/in use to minimize security risks.

Proposal

Provide an option to start an SSH key audit/disable all SSH keys. When a user then tries to use an SSH key, the system should kick back a message telling them they need to log in and verify the key.

Links / references

GitHub Enterprise has a similar feature: https://help.github.com/enterprise/admin/articles/auditing-ssh-keys/

Documentation blurb

Overview

An admin can disable all SSH keys and force users to verify that they are still using each SSH key.

Use cases

  • Secure instance by disabling all SSH keys
  • Disable all SSH keys not used in X days or older than X days

Feature checklist

Make sure these are completed before closing the issue, with a link to the relevant commit.

  • Feature assurance
  • Documentation
  • Added to features.yml
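
The audit flow proposed above, sketched as an added example (not GitLab code and not part of the original issue): keys are flagged either all at once or by the "not used in X days / older than X days" thresholds, a flagged key is rejected with a message, and only its owner can verify it again. The `SshKey` fields, the `KeyAudit` class, the message text and the sample keys are all assumptions made for illustration.

```ruby
# Hypothetical model of the proposed audit; not GitLab code, all names assumed.
DAY = 86_400 # seconds
SshKey = Struct.new(:owner, :fingerprint, :created_at, :last_used_at, :audit_pending)

class KeyAudit
  def initialize(keys)
    @keys = keys
  end

  # Flag keys for re-verification and return how many are now pending.
  # No threshold: flag every key. Otherwise flag keys unused for more than
  # unused_days or created more than max_age_days ago.
  def start(now:, unused_days: nil, max_age_days: nil)
    @keys.each { |k| k.audit_pending = true if stale?(k, now, unused_days, max_age_days) }
    @keys.count(&:audit_pending)
  end

  # Called on each SSH authentication attempt; returns [allowed, message].
  def authorize(fingerprint, now:)
    key = @keys.find { |k| k.fingerprint == fingerprint }
    return [false, 'Unknown key'] unless key
    return [false, 'Key disabled by audit: log in and verify this key'] if key.audit_pending
    key.last_used_at = now
    [true, 'OK']
  end

  # Called after the owner logs in and confirms the key; other users cannot.
  def verify(owner, fingerprint)
    key = @keys.find { |k| k.owner == owner && k.fingerprint == fingerprint }
    return false unless key
    key.audit_pending = false
    true
  end

  private

  def stale?(key, now, unused_days, max_age_days)
    return true if unused_days.nil? && max_age_days.nil?
    last = key.last_used_at || key.created_at # never used: count from creation
    idle = unused_days && now - last > unused_days * DAY
    old = max_age_days && now - key.created_at > max_age_days * DAY
    idle || old || false
  end
end

# Constructed sample data: an active key, one idle for 200 days, one never used.
def sample_keys(now)
  [SshKey.new('alice', 'SHA256:constructed-aaa', now - 400 * DAY, now - DAY, false),
   SshKey.new('bob', 'SHA256:constructed-bbb', now - 300 * DAY, now - 200 * DAY, false),
   SshKey.new('carol', 'SHA256:constructed-ccc', now - 30 * DAY, nil, false)]
end
```
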