Codeberg Status3d ago

Good news: We have addressed recent SSH performance degradation by replacing linear parsing of the authorized_keys file with a custom AuthorizedKeys command.

This is what GitHub and GitLab have been doing for years, and we have grown to a size where this has become necessary for us as well.

The cause for the degradation was still abusive patterns, as connections without valid key take more resources (scanning the file to the end) than legitimate users (scanning is stopped after match).

Show threadCodeberg Status3d ago

Bad news: Performance on Codeberg is still slow. We're seeing a lot of abusive cloning and crawling and have limited the ability to clone for several minutes to investigate the situation.

We're still investigating the situation and taking respective countermeasures. We try to keep the impact on legitimate usage as small as possible.

Show threadAdële 🐁!
@codebergstatus if each user would connect with a different account (instead of the common git user), it would simplify authorized key seeking, I guess 🤔
May 27 at 5:01pmWeb
Show threadJulien Palard3d ago
@adele @codebergstatus And clone quotas could be applied to users.