[PR #466] [MERGED] feat: implement ingress secure keys (FIDO2) #504

New issue

Closed

opened 2026-05-07 00:21:14 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented 2026-05-07 00:21:14 +02:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/ovh/the-bastion/pull/466
Author: @speed47
Created: 4/9/2024
Status: ✅ Merged
Merged: 4/10/2024
Merged by: @speed47

Base: master ← Head: issue-456

---

📝 Commits (8)

• 0ed6ef8 Implement Ingress Secure Keys
• db5113c Escape dots in regex patterns for ssh algorithms
• 6bad6da Factor out in a generic function the helper listing allowed ssh key algorithm
• 065e14d Drop an unused variable in print_accepted_key_algorithms
• ee2869b chore: perltidy
• 7659ab2 enh: use print_accepted_key_algorithms everywhere
• 5de66f3 Adding tests for secure keys feature
• b568623 fix: tests: don't test FIDO2 on unsupported distros

📊 Changes

26 files changed (+252 additions, -308 deletions)

View changed files

📝 bin/plugin/group-owner/groupGenerateEgressKey (+3 -3)
📝 bin/plugin/open/selfAddIngressKey (+3 -16)
📝 bin/plugin/open/selfGenerateEgressKey (+3 -4)
📝 bin/plugin/restricted/accountCreate (+3 -15)
📝 bin/plugin/restricted/groupCreate (+10 -29)
📝 bin/plugin/restricted/realmCreate (+10 -17)
➖ doc/sphinx-plugins-override/groupCreate.override.rst (+0 -55)
➖ doc/sphinx-plugins-override/selfGenerateEgressKey.override.rst (+0 -43)
📝 doc/sphinx/administration/configuration/bastion_conf.rst (+2 -2)
📝 doc/sphinx/development/setup.rst (+1 -0)
📝 doc/sphinx/plugins/group-owner/groupGenerateEgressKey.rst (+6 -12)
📝 doc/sphinx/plugins/open/selfGenerateEgressKey.rst (+19 -21)
📝 doc/sphinx/plugins/restricted/groupCreate.rst (+30 -30)
📝 docker/Dockerfile.debian11 (+1 -1)
📝 docker/Dockerfile.debian12 (+1 -1)
📝 docker/Dockerfile.opensuse15 (+2 -2)
📝 docker/Dockerfile.rockylinux9 (+1 -1)
📝 docker/Dockerfile.ubuntu2004 (+1 -1)
📝 docker/Dockerfile.ubuntu2204 (+1 -1)
📝 etc/bastion/bastion.conf.dist (+3 -3)

...and 6 more files

📄 Description

No description provided

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ovh/the-bastion/pull/466 **Author:** [@speed47](https://github.com/speed47) **Created:** 4/9/2024 **Status:** ✅ Merged **Merged:** 4/10/2024 **Merged by:** [@speed47](https://github.com/speed47) **Base:** `master` ← **Head:** `issue-456` --- ### 📝 Commits (8) - [`0ed6ef8`](https://github.com/ovh/the-bastion/commit/0ed6ef837c1a94caf39875205384caede653d6e5) Implement Ingress Secure Keys - [`db5113c`](https://github.com/ovh/the-bastion/commit/db5113c8186b562edf7802fb873a7df4f2eb8fdd) Escape dots in regex patterns for ssh algorithms - [`6bad6da`](https://github.com/ovh/the-bastion/commit/6bad6dae434642905e4e33498eeef107b0ff73a3) Factor out in a generic function the helper listing allowed ssh key algorithm - [`065e14d`](https://github.com/ovh/the-bastion/commit/065e14dedba6bfe2641cd1a1bb390fcc1d88ae1f) Drop an unused variable in print_accepted_key_algorithms - [`ee2869b`](https://github.com/ovh/the-bastion/commit/ee2869b642abd0fe93cc27eb82df1810e5e9e755) chore: perltidy - [`7659ab2`](https://github.com/ovh/the-bastion/commit/7659ab2f38aa05959c7fac5d0f0dd4790452ae0c) enh: use print_accepted_key_algorithms everywhere - [`5de66f3`](https://github.com/ovh/the-bastion/commit/5de66f3817966f18c59fcc571c3a9f4673eadd0c) Adding tests for secure keys feature - [`b568623`](https://github.com/ovh/the-bastion/commit/b5686231b374bfa5e626e75477bab6b16dd7b1e8) fix: tests: don't test FIDO2 on unsupported distros ### 📊 Changes **26 files changed** (+252 additions, -308 deletions) <details> <summary>View changed files</summary> 📝 `bin/plugin/group-owner/groupGenerateEgressKey` (+3 -3) 📝 `bin/plugin/open/selfAddIngressKey` (+3 -16) 📝 `bin/plugin/open/selfGenerateEgressKey` (+3 -4) 📝 `bin/plugin/restricted/accountCreate` (+3 -15) 📝 `bin/plugin/restricted/groupCreate` (+10 -29) 📝 `bin/plugin/restricted/realmCreate` (+10 -17) ➖ `doc/sphinx-plugins-override/groupCreate.override.rst` (+0 -55) ➖ `doc/sphinx-plugins-override/selfGenerateEgressKey.override.rst` (+0 -43) 📝 `doc/sphinx/administration/configuration/bastion_conf.rst` (+2 -2) 📝 `doc/sphinx/development/setup.rst` (+1 -0) 📝 `doc/sphinx/plugins/group-owner/groupGenerateEgressKey.rst` (+6 -12) 📝 `doc/sphinx/plugins/open/selfGenerateEgressKey.rst` (+19 -21) 📝 `doc/sphinx/plugins/restricted/groupCreate.rst` (+30 -30) 📝 `docker/Dockerfile.debian11` (+1 -1) 📝 `docker/Dockerfile.debian12` (+1 -1) 📝 `docker/Dockerfile.opensuse15` (+2 -2) 📝 `docker/Dockerfile.rockylinux9` (+1 -1) 📝 `docker/Dockerfile.ubuntu2004` (+1 -1) 📝 `docker/Dockerfile.ubuntu2204` (+1 -1) 📝 `etc/bastion/bastion.conf.dist` (+3 -3) _...and 6 more files_ </details> ### 📄 Description _No description provided_ --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

BreizhHardware 2026-05-07 00:21:14 +02:00

• closed this issue
• added the
  pull-request
  label

BreizhHardware referenced this issue 2026-05-07 00:21:23 +02:00

[PR #504] [MERGED] Correction of error message and documentation #534

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

expifix

groupcreate_fix_uid

fix_group_gid_fast

gh-pages

clush

expiration

jsonvalidator

v3.23.01

v3.23.00

v3.22.00

v3.21.00

v3.20.00

v3.19.01

v3.19.00

v3.18.99-rc1

v3.18.00

v3.17.01

v3.17.00

v3.16.99-rc3

v3.16.99-rc2

v3.16.99-rc1

v3.16.01

v3.16.00

v3.15.00

v3.14.16

v3.14.15

v3.14.00

v3.13.01

v3.13.00

v3.12.00

v3.11.02

v3.11.01

v3.11.00

v3.10.00

v3.09.02

v3.09.00-really

v3.09.00

v3.09.00-rc3

v3.09.00-rc2

v3.09.00-rc1

v3.08.01

v3.08.00

v3.07.00

v3.06.00

v3.05.01

v3.05.00

v3.04.00

v3.03.99-rc2

v3.03.99-rc1

v3.03.01

v3.03.00

v3.02.00

v3.01.99-rc4

v3.01.99-rc3

v3.01.99-rc2

v3.01.99-rc1

v3.01.03

v3.01.02

v3.01.01

v3.01.00

v3.00.02

v3.00.01

v3.00.00

Labels

Clear labels   

answered

  

bug

  

documentation

  

enhancement

  

enhancement

  

feature

  

feature

  

kept-open-for-info

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

answered

bug

documentation

enhancement

enhancement

feature

feature

kept-open-for-info

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/the-bastion#504

No description provided.