1. 06 Jul, 2018 1 commit
  2. 05 Jul, 2018 1 commit
  3. 01 Jan, 2018 1 commit
  4. 07 Oct, 2017 1 commit
    • Jacopo's avatar
      Replaces `tag: true` into `:tag` in the specs · 0ce67858
      Jacopo authored
      Replaces all the explicit include metadata syntax in the specs (tag:
      true) into the implicit one (:tag).
      Added a cop to prevent future errors and handle autocorrection.
      0ce67858
  5. 30 Aug, 2017 2 commits
    • Nick Thomas's avatar
      Rework the permissions model for SSH key restrictions · 68470602
      Nick Thomas authored
      `allowed_key_types` is removed and the `minimum_<type>_bits` fields are
      renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies
      that the key type is disabled.
      
      This also feeds through to the UI - checkboxes per key type are out, inline
      selection of "forbidden" and "allowed" (i.e., no restrictions) are in.
      
      As with the previous model, unknown key types are disallowed, even if the
      underlying ssh daemon happens to support them. The defaults have also been
      changed from the lowest known bit size to "no restriction". So if someone
      does happen to have a 768-bit RSA key, it will continue to work on upgrade, at
      least until the administrator restricts them.
      68470602
    • Nick Thomas's avatar
      Add settings for minimum key strength and allowed key type · b0f982fb
      Nick Thomas authored
      This is an amalgamation of:
      
      * Cory Hinshaw: Initial implementation !5552
      * Rémy Coutable: Updates !9350
      * Nick Thomas: Resolve conflicts and add ED25519 support !13712
      b0f982fb
  6. 27 Jul, 2017 1 commit
  7. 29 Jun, 2017 1 commit
  8. 20 Jun, 2017 1 commit
  9. 27 Feb, 2017 1 commit
  10. 03 Oct, 2016 1 commit
  11. 13 Sep, 2016 1 commit