rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app
History
pannous 4bf94fac2d fix: prevent sporadic SSH permission denied by validating key content 
The root cause of sporadic "Permission denied (publickey)" errors was
that validateSshKey() only checked if the key file existed on disk,
never verifying its content matched the database. When keys were rotated
or updated, the stale file persisted and SSH used the wrong key.

Changes:
- validateSshKey() now refreshes key from DB and compares file content
- Server saved event detects private_key_id changes to invalidate mux
- PrivateKey storeInFileSystem() uses file locking to prevent races
- PrivateKey saved event auto-resyncs file on key content changes
- Enforces 0600 permissions on key files

Fixes coollabsio/coolify#7724
2026-03-15 03:06:21 +01:00
..
Actions feat(proxy): add database-backed config storage with disk backups 2026-03-11 14:11:31 +01:00
Console feat(jobs): optimize async job dispatches and enhance Stripe subscription sync 2026-02-28 13:18:44 +01:00
Contracts refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Data feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-18 14:53:49 +01:00
Enums Add new role enum and apply authorization 2024-10-28 17:08:24 +01:00
Events Make proxy restart run as background job to prevent localhost lockout 2025-12-03 10:30:12 +01:00
Exceptions feat(api): Improve OpenAPI spec and add rate limit handling for Hetzner 2025-12-11 12:12:43 +01:00
Helpers fix: prevent sporadic SSH permission denied by validating key content 2026-03-15 03:06:21 +01:00
Http fix(api): cast teamId to int in deployment authorization check 2026-03-12 13:25:10 +01:00
Jobs fix(git-import): explicitly specify ssh key and remove duplicate validation rules 2026-03-12 14:19:53 +01:00
Listeners fix(proxy): defer UI refresh until Traefik version check completes 2025-12-27 15:16:58 +01:00
Livewire fix(git-import): explicitly specify ssh key and remove duplicate validation rules 2026-03-12 14:19:53 +01:00
Models fix: prevent sporadic SSH permission denied by validating key content 2026-03-15 03:06:21 +01:00
Notifications Fix: Allow test emails to be sent to any email address 2025-12-12 11:12:19 +01:00
Policies chore: prepare for PR 2026-02-25 11:18:46 +01:00
Providers Remove webhook maintenance mode replay feature 2025-12-02 13:36:32 +01:00
Repositories refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Rules fix(server): handle limit edge case and IPv6 allowlist dedupe 2026-03-03 17:03:46 +01:00
Services feat(scheduler): add pagination to skipped jobs and filter manager start events 2026-02-28 16:23:58 +01:00
Support refactor: consolidate file path validation patterns and support scoped packages 2026-03-12 13:09:13 +01:00
Traits feat(git-import): support custom ssh command for fetch, submodule, and lfs 2026-03-12 13:32:43 +01:00
View/Components feat: add availableSharedVariables method and enhance env-var-input component for better password handling 2025-11-27 10:23:46 +01:00