Issue 1164: Batch users can't have multiple SSH keys
Status:  CannotReproduce
Owner: ----
Closed:  Oct 2011
Reported by greg.hur...@causes.com, Oct 29, 2011
Affected Version:

2.2.1

What steps will reproduce the problem?
1. Using the gsql console, insert an additional SSH public key into the ACCOUNT_SSH_KEYS for a user in the "Non-Interactive Users" group
2. Try to connect via SSH as that user (eg. ssh -p 29418 -l the_batch_user -i the_private_key -v gerrit.example.com)
3. Observe as the key you just added is rejected by the Gerrit server

What is the expected output? What do you see instead?

I was able to confirm that normal users can can have multiple SSH keys. Copying the exact same key to a batch user, the batch user can only login with the first SSH key in the table for it (ie. the one with SEQ = 1).

I was able to confirm that inserting SSH keys via gsql works for non-batch users, so it's not a gsql issue.

Please provide any additional information below.

Background: this is for a bunch of Jenkins slaves. They all generate their own key using ssh-keygen and we stick that into the Gerrit database so they can clone the code during their test runs.

Workarounds:

- have all slaves share the same key pair
- create separate batch users for each jenkins slave (in any case, in the end, only the jenkins master instance ends up executing  "gerrit approve")
Oct 31, 2011
#1 sop@google.com
Batch users are not special. They should also be accepting any key on their list. I suspect the key was malformed, or the SSH key cache wasn't flushed in the server after it was added to the database.
Status: CannotReproduce