Deprecate manually configuring the git user's SSH client configuration
Currently, the git user on a GitLab server can have custom SSH client configuration placed into ~git/.ssh/config. id_rsa and other configuration files are also picked up automatically.
This custom manual configuration is automatically picked up and used in a number of places. However, it's insecure as there are no per-gitlab-user access controls on use of the key. In multi-host setups, e.g., with GitLab Shell moving to Gitaly, we will also be breaking things in peculiar ways.
In time for %10.0, we should include checks for the presence of these files in rake gitlab:check and output a warning / fail the check if they are present, asking the user to remove those files. We should also include a warning in the documentation and release post for %10.0 specifying that this functionality is not supported and will be removed.
Once every use case that depends on this functionality (pull and push mirroring in EE over SSH, for instance) has a sensible alternative, we can add code to GitLab that causes this custom configuration to be disregarded even if it is present.
See https://gitlab.com/gitlab-org/gitlab-ee/issues/3271 and https://gitlab.com/gitlab-org/gitlab-ee/issues/98 for more context.
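One way the presence check proposed above for rake gitlab:check could work, as an added Ruby example that is not GitLab's own check code. The function names, the file-selection rules (a file named config, any id_* file, or any file starting with a PEM private-key header) and the sample directory are assumptions.

```ruby
require 'tmpdir'

# Hypothetical helper names; not part of GitLab's SystemCheck code.
# Matches the first line of PEM-style private keys (OPENSSH, RSA, EC, ...).
PRIVATE_KEY_HEADER = /\A-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----/

# True when the file starts with a private-key header, whatever it is named.
def private_key?(path)
  File.open(path, 'rb') { |f| f.read(64).to_s.match?(PRIVATE_KEY_HEADER) }
rescue SystemCallError
  false # unreadable files are judged by name only
end

# Names of files in ssh_dir that act as manual SSH client configuration.
# authorized_keys (server side) and *.pub files are deliberately ignored.
def custom_ssh_client_files(ssh_dir)
  return [] unless File.directory?(ssh_dir)

  Dir.children(ssh_dir).sort.select do |name|
    path = File.join(ssh_dir, name)
    next false unless File.file?(path)
    next false if name.end_with?('.pub')

    name == 'config' || name.start_with?('id_') || private_key?(path)
  end
end

# Result in the shape a check task could print: pass, or fail with a file list.
def check_git_ssh_dir(ssh_dir)
  found = custom_ssh_client_files(ssh_dir)
  if found.empty?
    { ok: true, files: [], message: 'No custom SSH client configuration found' }
  else
    { ok: false, files: found,
      message: "Unsupported SSH client files in #{ssh_dir}, please remove: #{found.join(', ')}" }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample directory standing in for ~git/.ssh
  Dir.mktmpdir do |dir|
    File.write(File.join(dir, 'authorized_keys'), "ssh-rsa AAAA constructed\n")
    File.write(File.join(dir, 'config'), "Host *\n  StrictHostKeyChecking no\n")
    File.write(File.join(dir, 'mirror_key'), "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed\n")
    puts check_git_ssh_dir(dir)[:message]
  end
end
```

Checking file contents as well as names catches keys that a config file references through IdentityFile under a non-default name.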