The source project of this merge request has been removed.
Disable AuthorizedKeysFile in Docker
What does this MR do?
Following up the work from !3191 (merged), disable AuthorizedKeysFile
in Docker to achieve a similar performance benefit as following the recommendation to delete the authorized_keys
file.
The file is still created and maintained (if not disabled via GitLab web interface), so it is easy to migrate from Docker to a normal omnibus install.
This is a breaking change for
- users who manipulate the
sshd_config
in the Docker image and add something toAllowUsers
(by default onlygit
is allowed to login, so otherauthorized_keys
files are ignored anyways) - users who somehow add other keys to the GitLab-maintained
authorized_keys
file that theAuthorizedKeysCommand
doesn't know about
Checklist
See Definition of done.
-
Changelog entry created. Not applicable for Documentation changes and minor changes. -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA, if applicable -
MR targeting master
branch -
MR has a green pipeline on GitLab.com -
Equivalent MR/issue for CNG opened if applicable
Reviewer Checklist
In addition to above, reviewer must:
-
Pipeline is green on dev.gitlab.org if the change is not touching documentation or internal cookbooks
References
Edited by Sebastian Schloßer