Pull repository mirroring: Support for SSH keys

Resources

FE @kushalpandya BE @nick.thomas

• Zendesk ticket: https://gitlab.zendesk.com/agent/tickets/13079
• Dev link: None
• GitLab version: 8.2

Customer would like support for configuring repository mirroring with Git over SSH, and thus, support for SSH keys. This is in addition to the current support for mirroring via http(s).

@DouweM @dzaporozhets What do you think?

---

Scope:

This is what is required for this feature:

• We need to update the Mirror repository settings view
• We need new types of user/server credentials. Hence, we'll add a dropdown in this screen to choose between:
  • Password authentication (as it is now)
  • New protocol: SSH public-key authentication. We generate a private key and display the public part to the user so they can copy and paste it onto their server, or into GitLab as a deploy key for the source project.
• known_hosts management:
  • Should be invisible for non-SSH URLs
  • When we setup SSH (which can be password or pubkey-auth-based), we need to detect the host keys and present their fingerprints to the user to confirm that they're valid.
  • When we edit SSH setup, we also need to re-trigger the verification
  • Advanced users may want to enter known_hosts data directly. They should be able to click a button to get a <textarea> they can input directly into, rather than using automatic detection
  • Who verified the host keys (i.e., submitted the form), and when, should be displayed for audit purposes.

Design

Password authentication	SSH public key authentication