`upterm host` should reject any unauthenticated users when `--authorized-key`, `--github-user` or `--gitlab-user` option is present

[lhotari]

Problem: I ran into an issue where I had a passed an empty file to --authorized-key option for the upterm host command.

Steps to reproduce

1. Start a new upterm host session in a docker container:

   # start a new ubuntu docker container
   docker run --rm -it ubuntu:20.04 bash

   # in the container run these commands to start upterm
   apt-get update
   DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends curl openssh-client ca-certificates
   curl -sL https://github.com/owenthereal/upterm/releases/download/v0.7.6/upterm_linux_amd64.tar.gz | \
   tar zxvf - -C /tmp upterm && \
   install /tmp/upterm /usr/local/bin/ && rm -rf /tmp/upterm
   mkdir -p ~/.ssh && chmod 0700 ~/.ssh
   ssh-keygen -q -t ed25519 -N "" -f ~/.ssh/id_ed25519
   # Auto-generate ~/.ssh/known_hosts by attempting connection to uptermd.upterm.dev
   ssh -i ~/.ssh/id_ed25519 -o 'StrictHostKeyChecking no' uptermd.upterm.dev
   cat <(cat ~/.ssh/known_hosts | awk '{ print "@cert-authority * " $2 " " $3 }' | sort | uniq) >> ~/.ssh/known_hosts
   touch ~/.ssh/authorized_keys
   upterm host -a $HOME/.ssh/authorized_keys -- bash

2. Use the SSH session string in another terminal. The client connects to the upterm session. This is unexpected since -a $HOME/.ssh/authorized_keys is passed to upterm host.

Expected behavior

upterm host should reject any unauthenticated users when --authorized-key, --github-user or --gitlab-user option is present. An empty authorized keys file shouldn't be an exception.

[bavarianbidi]

:+1: from my side. we've run into the same issue and we are first wondering why we are still able to login.

IMHO we could fail if one of the flags are defined and if len(authorizedKeys) > 0.

https://github.com/owenthereal/upterm/blob/98036a647cc210f976d5f09bd6c137d795283bc1/cmd/upterm/command/host.go#L196-L211