<div dir="ltr">It is looks like that such plugin for Gerrit is necessary. I agreed that Gerrit is a main<div>consumer for SSH keys, so such confusing can take place.</div><div><br></div><div>Any way every consumer should store ssh keys in cache, so it is not very critical issue </div><div>for refstack. But for future using <a href="http://openstackid.org">openstackid.org</a> as a auth/user_info provider it will be really</div><div>great to have a single place for managing own SSH keys.</div><div> <br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Apr 17, 2015 at 7:55 PM, Jeremy Stanley <span dir="ltr"><<a href="mailto:fungi@yuggoth.org" target="_blank">fungi@yuggoth.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 2015-04-17 18:38:11 +0300 (+0300), Sergey Slypushenko wrote:<br>
[...]<br>
<span>> It should be look like <a href="http://review.openstack.org" target="_blank">review.openstack.org</a> or github works. It is<br>
> lead us to necessity of keeping public key in our application.<br>
> Basically, it is ok, but if Openstackid.org is planning to be<br>
> widely used, it will be good if it can keep user's public keys in<br>
> one place and manage access to them. It will be good alternative<br>
> to store and manage users' public keys in every project. So, I'm<br>
> asking Openstackid.org developers to consider a necessity and<br>
> possibility to add such feature.<br>
<br>
</span>I agree this would be a great. It's too bad Gerrit doesn't seem to<br>
currently support storing SSH keys anywhere besides directly in its<br>
database, but maybe we can find someone willing to implement lookups<br>
there via some network protocol (for example, Gerrit already<br>
supports looking up SSH usernames via LDAP). As a result I worry a<br>
little that if we expose an SSH key management option prominently in<br>
OpenStackID then it _may_ further confuse new contributors who don't<br>
realize they need to separately manage SSH keys in Gerrit too. But<br>
maybe there's a suitable compromise.<br>
<span><font color="#888888">--<br>
Jeremy Stanley<br>
</font></span></blockquote></div><br></div></div></div>