The source project of this merge request has been removed.
Disable AuthorizedKeysFile in Docker
What does this MR do?
Following up the work from !3191 (merged), disable AuthorizedKeysFile in Docker to achieve a similar performance benefit as following the recommendation to delete the authorized_keys file.
The file is still created and maintained (if not disabled via GitLab web interface), so it is easy to migrate from Docker to a normal omnibus install.
This is a breaking change for
- users who manipulate the
sshd_configin the Docker image and add something toAllowUsers(by default onlygitis allowed to login, so otherauthorized_keysfiles are ignored anyways) - users who somehow add other keys to the GitLab-maintained
authorized_keysfile that theAuthorizedKeysCommanddoesn't know about
Checklist
See Definition of done.
-
Changelog entry created. Not applicable for Documentation changes and minor changes. -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA, if applicable -
MR targeting masterbranch -
MR has a green pipeline on GitLab.com -
Equivalent MR/issue for CNG opened if applicable
Reviewer Checklist
In addition to above, reviewer must:
-
Pipeline is green on dev.gitlab.org if the change is not touching documentation or internal cookbooks
References
Edited by Sebastian Schloßer