Update help/instance_configuration: hide SSH keys if algorithm disabled (!70413) · Merge requests · GitLab.org / GitLab

Jonas Wälter requested to merge siemens/gitlab:instance-config-ssh-algorithms-disabled into master Sep 15, 2021

What does this MR do and why?

On /help/instance_configuration#ssh-host-keys-fingerprints, you can find the SSH host keys for different algorithms (DSA, ECDSA, ED25519, RSA). At the same time, the algorithms can be forbidden in the application settings if necessary.

Application settings (Admin Area > General > Visibility and access controls)

However, if an algorithm has been forbidden in the application settings, its SSH keys are still listed on the /help/instance_configuration page.

This MR fixes the help page so that it displays only the SSH keys of algorithms that are not forbidden in the application settings.

🛠 with ❤ at Siemens

/cc @bufferoverflow

How to set up and validate locally

Visit {base_url}/help/instance_configuration#ssh-host-keys-fingerprints.
Visit {base_url}/admin/application_settings/general#js-visibility-settings and forbid an algorithm (DSA, ECDSA, ED25519, RSA).

Clear Rails cache

Rails.cache.delete('instance_configuration')

Visit {base_url}/help/instance_configuration#ssh-host-keys-fingerprints.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Sep 22, 2021 by Mario Celi

Update help/instance_configuration: hide SSH keys if algorithm disabled

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports