Bundle private/public keys in one flat archive #22
Comments
|
Yes, please do.
…On Tue, Mar 27, 2018 at 5:02 AM, aaaaalbert ***@***.***> wrote:
Feedback from the SAS 2018 Sensibility Hackathon: The Custom Installer
Builder creates new key pairs for users if you don't upload public keys for
them. After the *Build* step, three separate downloads are offered:
- An archive containing all private keys (if any),
- An archive containing all public keys, including those that were
uploaded,
- And finally, the customized installers themselves.
Also, the keys archives each contain and thus extract into a directory,
public_keys/ and private_keys/, respectively. Navigating these dirs to
just copy over the keys to a demokit dir has been described as "a pain",
particularly on Windows.
A suggested solution is to,
1. Put all keys / key pairs into a single archive (to avoid handling
multiple archives)
2. Make the archive "flat", i.e. not contain a subdirectory (so that
its contents will extract right into the dir that the archive is placed in)
The place to modify is this bit in packager.py
<https://github.com/SeattleTestbed/custominstallerbuilder/blob/0e1573ae0211f4a506745cc591071a908b39e59a/common/packager.py#L167-L224>.
We'll need to check that the workflow where pubkeys are uploaded keeps
working, as our Clearinghouses depend on it.
@yyzhuang <https://github.com/yyzhuang>, @JustinCappos
<https://github.com/JustinCappos>, let me hear what you think.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#22>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AA0XD3rN9H2Xxi00nogSHxCVG1hGJDTsks5tigA7gaJpZM4S8i9l>
.
|
|
Please go ahead and make the changes, also making sure that uploading keys won't break. Thanks. |
|
One observation from my initial tests: OS X will always extract archives that contain more than one file into a sub-directory of the current working dir. This is still mildly painfull, but at least you can |
aaaaalbert
added a commit
to aaaaalbert/custominstallerbuilder
that referenced
this issue
Mar 28, 2018
This work-in-progress patch addresses SeattleTestbed#22. It mainly modifies the CIB packager to put all user keys, public and private, into a single, flat archive. For this, a few changes in the logic are necessary. * In `common/constants.py`, replace a few "public/private" constants with "keypair" ones * In `common/packager.py`, modify `package_keys` to conform to the new specification -- all keys shall go into a single archive with no internal subdirectories * Also modify the helper functions accordingly * In `html/static/js/keys.js`, replace the download check function for private keys so that the logic hinges on having downloaded the keypairs archive now * In `html/templates/download_keys.html`, replace the private/public key download buttons and checks with ones for keypairs. * In `html/views.py`, remove the use of `has_private_keys` (which controlled the download buttons, see above). More simplifications are possible, I guess, so consider this commit work in progress!
|
This would be fine. It saves many steps of downloading, separately
unpacking, and copying files.
Justin
…On Wed, Mar 28, 2018 at 7:43 AM, aaaaalbert ***@***.***> wrote:
One observation from my initial tests: OS X will always extract archives
that contain more than one file into a sub-directory of the current working
dir. This is still mildly painfull, but at least you can loadkeys
keys/username in seash which works as long as the public and private keys
are in the same dir.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#22 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA0XD9Q6MXKFdu-w3RNTRL1ggMhnGDLnks5ti3dmgaJpZM4S8i9l>
.
|
|
Alright, here's a running prototype for you to test: https://seattle-dev.engineering.nyu.edu/cib/ Please use (and try to break) it in any way conceivable --- different browsers and OSses, Private tabs and plain ones, all combinations of public keys and CIB-created users, whatever you can think of ---, and provide feedback below. Also feel free to review the suggested patch, aaaaalbert/custominstallerbuilder@64787d0. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feedback from the SAS 2018 Sensibility Hackathon: The Custom Installer Builder creates new key pairs for users if you don't upload public keys for them. After the Build step, three separate downloads are offered:
Also, the keys archives each contain and thus extract into a directory,
public_keys/andprivate_keys/, respectively. Navigating these dirs to just copy over the keys to a demokit dir has been described as "a pain", particularly on Windows.A suggested solution is to,
The place to modify is this bit in
packager.py. We'll need to check that the workflow where pubkeys are uploaded keeps working, as our Clearinghouses depend on it.@yyzhuang, @JustinCappos, let me hear what you think.
The text was updated successfully, but these errors were encountered: