Conversation
…h status with hardware_key_touch.
github-actions
Bot
added
size/sm
tctl
Contributor
Author
|
Open question: would it be better for us to disable cluster alerts from |
Contributor
|
@Joerger seems reasonable to me. Making |
GavinFrazar
reviewed
Jan 27, 2023
GavinFrazar
reviewed
Jan 28, 2023
Contributor
|
and do we want to backport this to v12? |
strideynet
approved these changes
Jan 30, 2023
Contributor
strideynet
left a comment
strideynet
left a comment
There was a problem hiding this comment.
Looks good - @GavinFrazar raises a good point on dealing with the private key policy returned from the ping response to handle situations where the CAP has changed. I'll leave that between you two to sort out, and will approve this PR assuming that is resolved.
GavinFrazar
approved these changes
Jan 30, 2023
public-teleport-github-review-bot
Bot
removed the request for review
from xacrimon
Joerger
added a commit
that referenced
this pull request
Jan 30, 2023
* Save private key policy in profile. * Fix tsh status/logout with yubikey unplugged; fix cluster alert on tsh status with hardware_key_touch. * Set private key policy from ping response. * Skip cluster alerts on tsh status.
Joerger
added a commit
that referenced
this pull request
Jan 30, 2023
* Save private key policy in profile. * Fix tsh status/logout with yubikey unplugged; fix cluster alert on tsh status with hardware_key_touch. * Set private key policy from ping response. * Skip cluster alerts on tsh status.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes:
tshcan detect the private key policy without loading up the key, ex: fix tsh db connect with hardware backed key #20806tsh statusandtsh logoutwhen the user unplugs their Yubikey.tsh statusnow shows profile expired, matching the output when you delete the private key from disk.tsh statuscluster alert check when used with private key policyhardare_key_touch.