* don't load key when key size should not be checked
This makes it possible for users with incompatible ssh-keygen versions
to just disable the check completely without running into errors.
* add proper ed25519 constant
The x/crypto/ssh library has support for ed25519 now, so it is possible
to support it.
Fix new ssh key adding issues
Added regular exp match (108) and remove training new line (111) that cause system to think its an ssh2 key.
* #3480
An error occurred
Fix new ssh key adding issues
-Sanitizate new lines (windows format) in posted key
-Edit sanitization implementation to use string replace for code readability and maintenability.
This commit adds the possibibility to use either the native golang
libraries or ssh-keygen to check public keys. The check is adjusted
depending on the settings, so that only supported keys are let through.
This commit also brings back the blacklist feature, which was removed in
7ef9a05588. This allows to blacklist
algorythms or keys based on the key length. This works with the native
and the ssh-keygen way.
Because of #2179
An error occurred
it also includes a way to adjust the path to
ssh-keygen and the working directory for ssh-keygen. With this,
sysadmins should be able to adjust the settings in a way, that SELinux
is okay with it. In the worst case, they can switch to the native
implementation and only loose support for ed25519 keys at the moment.
There are some other places which need adjustment to utilize the
parameters and the native implementation, but this sets the ground work.