Use `ssh_data` gem instead of `net-ssh` and `sshkey` where possible (!77424) · Merge requests · GitLab.org / GitLab

Bogdan Denkovych requested to merge use-ssh_data-gem into master Dec 29, 2021

What does this MR do and why?

In #213259 (closed) we want to add support new types of public ssh keys - ed25519_sk, ecdsa_sk. Gems we use(https://github.com/net-ssh/net-ssh, https://github.com/bensie/sshkey) for parsing ssh keys don't support those types of ssh keys.

I found another gem ssh_data with MIT License that is well maintained. https://github.com/github/ssh_data. This gem support all the ssh key types we need and ed25519_sk, ecdsa_sk too. This MR would allow us to proceed with #213259 (closed).

This MR removes sshkey gem from our dependencies.

This MR removes SSHKeygen from the codebase.

About net-ssh: This gem remains to be used in https://gitlab.com/gitlab-org/gitlab/-/blob/b6792b4b055cd953148dde308ae08599606efb91/app/validators/x509_certificate_credentials_validator.rb#L44. We might be able to remove net-ssh, ed25519, bcrypt_pbkdf gems from dependencies too. See !77424 (comment 812526274). But it is better to do it in a separate MR.

Changelog: other

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jan 17, 2022 by Bogdan Denkovych

Use `ssh_data` gem instead of `net-ssh` and `sshkey` where possible

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports