feat(config): add auth-key CLI and server cache settings

author: Paul Buetow <paul@buetow.org> 2026-03-03 10:45:50 +0200
committer: Paul Buetow <paul@buetow.org> 2026-03-03 10:45:50 +0200
commit: 2de007f9ef8ae2724b9fbe2808ee25cbfe4ca876 (patch)
tree: f91a742d682928ef12eb5a011411c3bb0ef16a02 /internal/ssh/server/publickeycallback.go
parent: 6d50a475114699911f2ebe1376915cd8317f1881 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/internal/ssh/server/publickeycallback.go b/internal/ssh/server/publickeycallback.go
index ae6ee60..c4624f4 100644
--- a/internal/ssh/server/publickeycallback.go
+++ b/internal/ssh/server/publickeycallback.go
@@ -23,9 +23,11 @@ func PublicKeyCallback(c gossh.ConnMetadata,
 	}
 	dlog.Server.Info(user, "Incoming authorization")
 
-	if permissions := authKeyStorePermissions(user.Name, offeredPubKey); permissions != nil {
-		dlog.Server.Info(user, "Authorized by in-memory auth key store")
-		return permissions, nil
+	if config.Server != nil && config.Server.AuthKeyEnabled {
+		if permissions := authKeyStorePermissions(user.Name, offeredPubKey); permissions != nil {
+			dlog.Server.Info(user, "Authorized by in-memory auth key store")
+			return permissions, nil
+		}
 	}
 
 	authorizedKeysFile, err := authorizedKeysFile(user)
author	Paul Buetow <paul@buetow.org>	2026-03-03 10:45:50 +0200
committer	Paul Buetow <paul@buetow.org>	2026-03-03 10:45:50 +0200
commit	2de007f9ef8ae2724b9fbe2808ee25cbfe4ca876 (patch)
tree	f91a742d682928ef12eb5a011411c3bb0ef16a02 /internal/ssh/server/publickeycallback.go
parent	6d50a475114699911f2ebe1376915cd8317f1881 (diff)