Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add default timeout to legacy ssh.ClientConfig #15440

Merged
merged 2 commits into from
May 16, 2022
Merged

Add default timeout to legacy ssh.ClientConfig #15440

merged 2 commits into from
May 16, 2022

Conversation

cipherboy
Copy link
Contributor

@cipherboy cipherboy commented May 16, 2022
edited
Loading

When using the deprecated Dynamic SSH Keys method, Vault will make an
outbound SSH connection to an arbitrary remote host to place SSH keys.
We now set a timeout of 1 minute for this connection.

It is strongly recommended consumers of this SSH secrets engine feature
migrate to the more secure, and otherwise equivalent, SSH certificates
method.

Signed-off-by: Alexander Scheel <[email protected]>

@cipherboy
Add default timeout to legacy ssh.ClientConfig
1dfb1b7 
When using the deprecated Dynamic SSH Keys method, Vault will make an
outbound SSH connection to an arbitrary remote host to place SSH keys.
We now set a timeout of 1 minute for this connection.

It is strongly recommended consumers of this SSH secrets engine feature
migrate to the more secure, and otherwise equivalent, SSH certificates
method.

Signed-off-by: Alexander Scheel <[email protected]>
@cipherboy cipherboy added bug Used to indicate a potential bug secret/ssh labels May 16, 2022
@cipherboy cipherboy added this to the 1.11.0-rc1 milestone May 16, 2022
@cipherboy cipherboy requested review from sgmiller and a team May 16, 2022 15:29
@cipherboy
Add changelog
4c5be6b 
Signed-off-by: Alexander Scheel <[email protected]>
@cipherboy cipherboy force-pushed the cipherboy-set-ssh-timeout branch from c17419f to 4c5be6b Compare May 16, 2022 15:32
@cipherboy
Copy link
Contributor Author

Thanks! Merging...

@cipherboy cipherboy merged commit 2481dbb into main May 16, 2022
@cipherboy cipherboy deleted the cipherboy-set-ssh-timeout branch May 17, 2022 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sgmiller sgmiller sgmiller approved these changes

Assignees
No one assigned
Labels
bug Used to indicate a potential bug secret/ssh
Projects
None yet
Milestone
1.11.0-rc1
Development

Successfully merging this pull request may close these issues.
2 participants
@cipherboy @sgmiller