mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
6b61ca2f18
This change prevents the plinth user to set the ssh-keys without knowing the user password. - Debian: added new dependency python3-pampy to authenticate users. - Added additional required parameter --auth-user to the 'actions/ssh set-keys' command. A password should be provided through STDIN. Tests performed: - running 'actions/ssh set-keys' with empty or wrong admin credentials fails. - running 'actions/ssh set-keys' with correct admin credentials succeeds. - running 'actions/ssh set-keys' with correct non-admin credentials succeeds if the --username is the same user. - running 'actions/ssh set-keys' with correct non-admin credentials fails if the --username is a different user. Signed-off-by: Veiko Aasa <veiko17@disroot.org> Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>