Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not require user interaction in tsh status when using hardware keys #48705

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Do not require user interaction in tsh status when using hardware keys #48705

wants to merge 1 commit into from
+13 −2

Conversation

gzdunek
Copy link
Contributor

@gzdunek gzdunek commented Nov 8, 2024

As discussed in #20849, tsh status shouldn't require user interaction. Unfortunately, since that PR was merged, another remote call has been added that may prompt the user for touch/PIN.

I looked at other usages of onStatus and I believe all of them should be fine with this change. We probably don't need showing access lists to review after creating or dropping an access request.

However, the main reason I opened this PR is that the user is not even able to respond to the prompt:

grzegorz@mbp build % ./tsh status
Enter your YubiKey PIV PIN:
> Profile URL:        https://moon.cloud.gravitational.io:443
  Logged in as:       [email protected]
  Cluster:            moon.cloud.gravitational.io
...

This happens since #47091. We added there a "warm up" call (it prompts for touch/PIN) that ensures the key is ready before we initiate a gRPC dialing. That call receives a context, but unfortunately for tsh status it has a really short deadline - 750 ms, so the user is not even able to provide a PIN or touch.

@github-actions github-actions bot added size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Nov 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Joerger Joerger Awaiting requested review from Joerger

@nklaassen nklaassen Awaiting requested review from nklaassen

@avatus avatus Awaiting requested review from avatus

@marcoandredinis marcoandredinis Awaiting requested review from marcoandredinis

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
backport/branch/v14 backport/branch/v15 backport/branch/v16 backport/branch/v17 no-changelog Indicates that a PR does not require a changelog entry size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@gzdunek