mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-15 21:31:24 -05:00
[GH-ISSUE #3256] Web based SSH Access only possible for Admin role #35769
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @daniel-san05 on GitHub (Jun 12, 2026).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/3256
Originally assigned to: @oschwartz10612 on GitHub.
Describe the Bug
I tested the new web based SSH acces as public ressource in Pangolin 1.19.1 Enterprise.
Basically it works very well - but only for members of the Admin role.
If you define a custom role extra for SSH access or extend the default Member group with SSH access rights you got a „sshErrorSignKeyFailed: Request failed with status code 403“ error after opening the ressource.
Environment
To Reproduce
Tested with custom role only for SSH access or the default Member group with adding SSH access rights.
Tested with local user and auto provisioned OIDC user (in my case Authelia) with default Member role assigned - it does not work.
The local user assigned to the Admin role or the OIDC auto provisioned user assigned to the Admin role can access the public ressource via SSH in browser without any problem.
Expected Behavior
Web based SSH Access should open for users with custom role for SSH access rights assigned only or when extending the default Member group with SSH access rights.
@oschwartz10612 commented on GitHub (Jun 12, 2026):
👀
@oschwartz10612 commented on GitHub (Jun 12, 2026):
Are you running the latest badger? If the migration updated the config for you could you restart traefik to make sure it pulls the latest badger? It should be
v1.4.1@daniel-san05 commented on GitHub (Jun 12, 2026):
Yes, here is the unformatted snippet of my traefik_config.yml:
experimental:
plugins:
badger:
moduleName: github.com/fosrl/badger
version: v1.4.1
Made a Docker Compose down and up -d a second time. Problem persists.
For my Admin role user I can see the newt logs for adding the user to the sudo group and creating the Home directory. For the user of the Member group no newt logs are generated at all so far.
Regards,
Daniel
@oschwartz10612 commented on GitHub (Jun 12, 2026):
Issue identified will be fixed in the next patch today