New freistilbox feature: User SSH Keys

Published 2019-06-26 by Jochen Lillich

Making freistilbox users’ lives easier: they can now add SSH keys to their user profile and have them deployed automatically to every website of their organisation.

While we probably don’t use the milestones feature of Gitlab enough, there’s one milestone whose usage and importance has grown rapidly lately. It’s in the “freistilbox Dashboard/API” repository and it’s called “User-centric world”. No, it didn’t take us nine years to realise that it’s good business practice to put the user in the center. 😄 But since we developed the Dashboard application on top of the already existing system infrastructure, its design was influenced more by the technical implementation of our managed hosting platform than by UX viewpoints. In order to change this for the better, we keep filing issues under the “User-centric world” milestone. We resolve them one by one, and the latest result of our work is a new feature we call “User SSH Keys”.

Up until now, the SSH keys required to access the code repository of a website (as well as the website’s asset files) had to be filed for each website separately. Unfortunately, that created a lot of work, especially for users running lots of websites on freistilbox. For example, when a new member joined their team, they had to add this new member’s key to each and every website manually. The same applied to members leaving the team or simply changing their key. Ugh, that’s really tedious.

With the new User SSH Keys feature, users can now manage their SSH key (or keys) in their user profile. When they add or remove a key, this change gets deployed automatically to the hosting platform for all websites belonging to their organisation. Note that User SSH Keys won’t appear on a website’s dashboard page; the old website SSH keys are managed separately from User SSH Keys. This allows you to add special keys specifically to a single website, for example to permit access to external collaborators or your CI/CD system.

For freistilbox users, adding their current SSH keys to their user profile is the most efficient way to manage repository and asset file access from here on. In order to minimise the deployment of duplicate or expired keys, we recommend removing keys of organisation members from websites to which they are assigned directly. In other words, with this new feature, most websites won’t have to have any SSH keys assigned directly because access is granted completely via User SSH Keys.

At this stage, all users of an organisation get SSH access to all the organisation’s websites. There is no way to limit access to a specific website to a subset of users, and neither to grant access to a freistilbox user account from outside the organisation. Yet. 🙂 But we can assure you these features already have their own issue entries under the “User-centric world” milestone!

Are you happy with this change? Send us your feedback on Twitter!