cannot authenticate; confusing error message with two accounts sharing the same SSH key pair #425

closed opened by

containers.tngl.sh edited 3 weeks ago

Steps:

Create two accounts on tngl
Add the same SSH key pair to both accounts
Try to access a repo with that SSH key pair

Expected

Error or warning explaining the issue "you are authenticating as X not Y"

Actual behavior

""access denied: user not allowed""

containers.tngl.sh (author) edited 3w ago

srry, this is a duplicate of #257: https://tangled.org/tangled.org/core/issues/257

boltless.me 3w ago

duplicate of https://tangled.org/tangled.org/core/issues/257

Yeah we really need to fix that error message (or just allow shared ssh keys imo)

oppi.li 3w ago

one way forward here is to generate the authorized-keys command differently: we can map each key to a list of DIDs that accept that key, rather than just a single key, and if any of those DIDs pass the push-allowed check, we perform the push.

boltless.me edited 3w ago

Yeah that's what I'm thinking of. We can just warn users when they have same ssh key to other account and just allow based on ssh key, not connected user. Maybe show something like "X and Y are using same ssh key" on settings page?

Labels

None yet.

area

None yet.

assignee

None yet.

Participants 3

AT URI

at://did:plc:kn7qek3yfcektmyspqndyorc/sh.tangled.repo.issue/3mfz7m63d7w22