Missing SSH public keys from LDAP #6949

New Issue

Closed

opened 2025-11-02 07:11:57 -06:00 by GiteaMirror · 5 comments

GiteaMirror commented 2025-11-02 07:11:57 -06:00

Owner

Copy Link

Originally created by @strk on GitHub (Mar 2, 2021).

I'm still having trouble with public ssh keys synchronization from LDAP.
I have added 4 sshPublicKey in LDAP but only see 2 in Gitea.

One thing I noticed is that 3 of those 4 keys I have in LDAP all start with the same list of characters, and the portion of the key shown by Gitea is the start of such "common substring". Maybe Gitea is just assuming the keys are EQUAL due to this shared initial string ? The keys are of ecdsa-sha2-nistp521 type and the first character outside the substring shown by Gitea is a b (not found before).

It would help if Gitea showed the whole key somehow, or at least the key comment at the end, to know what it's taking in consideration.

Gitea Version: 1.12.3

Originally created by @strk on GitHub (Mar 2, 2021). I'm still having trouble with public ssh keys synchronization from LDAP. I have added 4 sshPublicKey in LDAP but only see 2 in Gitea. One thing I noticed is that 3 of those 4 keys I have in LDAP all start with the same list of characters, and the portion of the key shown by Gitea is the start of such "common substring". Maybe Gitea is just assuming the keys are EQUAL due to this shared initial string ? The keys are of ecdsa-sha2-nistp521 type and the first character outside the substring shown by Gitea is a `b` (not found before). It would help if Gitea showed the whole key somehow, or at least the key comment at the end, to know what it's taking in consideration. Gitea Version: 1.12.3

GiteaMirror added the issue/duplicate label 2025-11-02 07:11:57 -06:00

GiteaMirror closed this issue 2025-11-02 07:11:58 -06:00

GiteaMirror commented 2025-11-02 07:11:58 -06:00

Author

Owner

Copy Link

@strk commented on GitHub (Mar 2, 2021):

Sorry, I was misleaded by the need to logout/login again to see changes done in LDAP.
Now that I did I realize that with the given version of Gitea, only a SINGLE key is retrieved from LDAP when there are multiple ones.

Sounds like a revival of #13984 but I cannot find traces of the fix for that one in the CHANGELOG.md file. @zeripath any idea bout that ? Could you figure that out and add to CHANGELOG in the appropriate section ?

@strk commented on GitHub (Mar 2, 2021): Sorry, I was misleaded by the need to logout/login again to see changes done in LDAP. Now that I did I realize that with the given version of Gitea, only a SINGLE key is retrieved from LDAP when there are multiple ones. Sounds like a revival of #13984 but I cannot find traces of the fix for that one in the CHANGELOG.md file. @zeripath any idea bout that ? Could you figure that out and add to CHANGELOG in the appropriate section ?

GiteaMirror commented 2025-11-02 07:11:58 -06:00

Author

Owner

Copy Link

@strk commented on GitHub (Mar 2, 2021):

Logs from Gitea, about the "common substring":

2021/03/02 01:54:15 models/user.go:1746:addLdapSSHPublicKeys() [E] addLdapSSHPublicKeys[OSGeo LDAP]: Error adding LDAP Public SSH Key for user strk: public key already exists [owner_id: 2, name: OSGeo LDAP-ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTIt]

@strk commented on GitHub (Mar 2, 2021): Logs from Gitea, about the "common substring": > 2021/03/02 01:54:15 models/user.go:1746:addLdapSSHPublicKeys() [E] addLdapSSHPublicKeys[OSGeo LDAP]: Error adding LDAP Public SSH Key for user strk: public key already exists [owner_id: 2, name: OSGeo LDAP-ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTIt]

GiteaMirror commented 2025-11-02 07:11:59 -06:00

Author

Owner

Copy Link

@strk commented on GitHub (Mar 2, 2021):

Another problem (needs another ticket?) is that even if I enter a single key, ecdsa-sha2-nistp521 typed ssh key seems not supported (rsa works)

@strk commented on GitHub (Mar 2, 2021): Another problem (needs another ticket?) is that even if I enter a _single_ key, `ecdsa-sha2-nistp521` typed ssh key seems not supported (`rsa` works)

GiteaMirror commented 2025-11-02 07:11:59 -06:00

Author

Owner

Copy Link

@zeripath commented on GitHub (Mar 2, 2021):

Gitea Version: 1.12.3 <- do you mean 1.13.2 or 1.12.3?

@zeripath commented on GitHub (Mar 2, 2021): Gitea Version: 1.12.3 <- do you mean 1.13.2 or 1.12.3?

GiteaMirror commented 2025-11-02 07:11:59 -06:00

Author

Owner

Copy Link

@zeripath commented on GitHub (Mar 2, 2021):

#13989 and #14607 are not in a released version of Gitea yet and they won't go in to 1.12. #14607 will be in 1.13.3 when it is released.

Please re-test on release/v1.13 or master. I'm closing as duplicate please reopen if this remains true on release/v1.13 or v1.13.3 when it is released.

Duplicate #13984

@zeripath commented on GitHub (Mar 2, 2021): #13989 and #14607 are not in a released version of Gitea yet and they won't go in to 1.12. #14607 will be in 1.13.3 when it is released. Please re-test on release/v1.13 or master. I'm closing as duplicate please reopen if this remains true on release/v1.13 or v1.13.3 when it is released. Duplicate #13984

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label issue/duplicate

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#6949