Description

With SSH keys, you can connect to Rdiffweb without supplying your username and personal access token at each visit. Rdiffweb allows the same SSH key to be used by multiple users .
For Example:
User A has used SSH key ‘1’ , the same key can be used by User B , User C . The application is identifying a duplicate SSH key via SSH key name that is only a title to identify the key and not the actual SSH key.

Proof of Concept

1) Go to https://rdiffweb-dev.ikus-soft.com/prefs/sshkeys# 
2) Login into account 'A' .Create an SSH key , name it as TEST
3) Login into account 'B'. Create SSH key using the same public key , just name it as BEST

Note: if you use the same name - TEST then , it will say that this key is duplicate . The application is identifying duplicates through the name and not the key.