Creating an SSH key/pair for host with invalid characters breaks Che for that user #14912
Assignees
Labels
kind/bug
Outline of a bug - must adhere to the bug report template.
severity/P1
Has a major impact to usage or development of the system.
Milestone
Comments
andy316x
added
the
kind/bug
che-bot
added
the
status/need-triage
tsmaeder
added
severity/blocker
|
I am not assigning "blocker" because I don't expect many users to encounter it, but once it happens, it sounds really bad. |
|
we have PR for this need to test it again #14243 |
|
Since new SSH keys name validation has been applied: eclipse-che/che-theia#444 it could be reproduced only by creating a key via API. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Platform
Openshift v3.11
Che 7.3.0-SNAPSHOT
Steps to reproduce
Open a workspace
Run the command “SSH: Generate key pair for particular host”
Enter a host with an invalid character - for example a space a forward slash
Close the workspace and try and reopen it
Openshift throws an error saying that the secret being generated is invalid
This is a real issue as the user can no longer open any workspace, meaning they can’t even rectify the problem themselves, rendering Che completely unusable for the affected user, with no means to recover.
I was able to resolve the issue for the affected user by removing the invalid key pair from the Postgres DB.
I think what needs to happen is for the host to be validated by the generate key pair command before allowing it to be created - this validation process should at least only permit acceptable values in an Openshift secret name. Or maybe the host value that is used to create the secret name needs to be sanitised.
The text was updated successfully, but these errors were encountered: